GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → dbroeglin → windows-lab

dbroeglin / windows-lab

Licence: MIT License
Windows Automated Lab with Vagrant

Programming Languages

powershell
5483 projects
shell
77523 projects

Labels

windowsvagrantexperimentaldelegationlabiisconfiguration-managementnetscaleradfskerberosautomatedwia-authentication

Projects that are alternatives of or similar to windows-lab

ants
Awesome Networking Tools Sandbox
Stars: ✭ 21 (-73.08%)
Mutual labels:  vagrant, lab
vagrant-alm
An excerpt of an ALM environment built on top of Vagrant, Libvirt and Ansible
Stars: ✭ 44 (-43.59%)
Mutual labels:  vagrant, lab
KerberosConfigMgrIIS
Kerberos Configuration Manager for IIS
Stars: ✭ 40 (-48.72%)
Mutual labels:  iis, kerberos
kas
Setup tool for bitbake based projects
Stars: ✭ 178 (+128.21%)
Mutual labels:  configuration-management
dairybox
Local development VM and tools for Jammer Core
Stars: ✭ 32 (-58.97%)
Mutual labels:  vagrant
vagrant-puppetmaster
A simple vagrant setup exposing all permutations of puppetmaster roles
Stars: ✭ 19 (-75.64%)
Mutual labels:  vagrant
k8s-lab-plz
Modular Kubernetes lab which provides an easy and streamlined way to deploy a test cluster with support for different components.
Stars: ✭ 38 (-51.28%)
Mutual labels:  lab
stoqs
Geospatial database visualization software for oceanographic measurement data
Stars: ✭ 31 (-60.26%)
Mutual labels:  vagrant
ansible-rabbitmq-cluster
No description or website provided.
Stars: ✭ 21 (-73.08%)
Mutual labels:  configuration-management
analog-ce
Analog CE
Stars: ✭ 14 (-82.05%)
Mutual labels:  iis
baresip-webrtc
Baresip WebRTC Demo
Stars: ✭ 33 (-57.69%)
Mutual labels:  experimental
marvin-vagrant-dev
No description or website provided.
Stars: ✭ 26 (-66.67%)
Mutual labels:  vagrant
envkey-ruby
EnvKey's official Ruby client library
Stars: ✭ 24 (-69.23%)
Mutual labels:  configuration-management
denoflow
Configuration as Code, use YAML to write automated workflows that run on Deno, with any Deno modules, Typescript/Javascript codes
Stars: ✭ 143 (+83.33%)
Mutual labels:  automated
make-windows-vm
Automatically create Windows Virtual Machines in Linux KVM
Stars: ✭ 16 (-79.49%)
Mutual labels:  automated
Audit-Test-Automation
The Audit Test Automation Package gives you the ability to get an overview about the compliance status of several systems. You can easily create HTML-reports and have a transparent overview over compliance and non-compliance of explicit setttings and configurations in comparison to industry standards and hardening guides.
Stars: ✭ 37 (-52.56%)
Mutual labels:  iis
MetaLIMS
MetaLIMS, A Simple Open-Source Laboratory Information Management System for Small Metagenomic Labs
Stars: ✭ 39 (-50%)
Mutual labels:  lab
DavesMapper
The juicy bits behind Dave's Mapper
Stars: ✭ 16 (-79.49%)
Mutual labels:  vagrant
webdav exploit
An exploit for Microsoft IIS 6.0 CVE-2017-7269
Stars: ✭ 20 (-74.36%)
Mutual labels:  iis
packer-ubuntu-18.04
packer example - Ubuntu Server 18.04.5
Stars: ✭ 37 (-52.56%)
Mutual labels:  vagrant
View All Similar Projects ➔

Lab

The lab is setup as described in the diagram:

172.16.124.0/24
+-----------------------------------------------------+
    .50 |     .51 |        .52 |        .53 |
        |         |            |            |
        |         |            |            |
    +------+  +-------+  +----------+  +--------+
    |      |  |       |  |          |  |        |
    | dc01 |  | web01 |  | client01 |  | adfs01 |
    |      |  |       |  |          |  |        |
    +------+  +-------+  +----------+  +--------+
  • dc01: setup a domain controller for domain lab.local, all other servers are joined to the domain.
  • web01: setup an IIS server for FQDN www.lab.local with windows integrated authentication activated.
  • client01: another server that acts as a client. Chrome is installed and setup to work do allow for WIA authentication with *.lab.local.
  • adfs01: [EXPERIMENTAL] setup an ADFS server for experimentation with external domain extlab.local.

Run

Before you run vagrant up edit the Vagrantfile to adapt those variables:

$NET_PREFIX       = "172.16.124"
$BRIDGE_IF        = "vmnet1"
$DOWNLOADS_DIR    = "/Volumes/EXT/Downloads"

The network prefix should be adapted to whatever network you bridge too (make sure the IPs 50 to 53 are free or change them as well in the file). All VMs are bridge to the same interface. In my case the VMWare network that hosts my virtual Netscaler instance. The download dir should contain googlechromestandaloneenterprise.msi which can be downloaded from here: https://www.google.com/work/chrome/chrome-browser/

Tests

To test that IIS and WIA authentication are properly setup go to the client01 VM, open a PowerShell console and execute the following command:

C:\Sysinternals\psexec -accepteula -u LAB\Alice -p Passw0rd "C:\Program Files\Internet Explorer\iexplore" http://www.lab.local/

If everything went according to plan you should see Hello World! in the browser.

Annex 1: NetScaler Setup

Lab setup for NetScaler testing

I also use the lab for NetScaler configuration testing. In which case I would launch NetScaler in VMWare Fusion (hence the bridge with vmnet1):

                            +------+
                            |      |
                            | ns01 |
                            |      |
                            +--+---+
                                |
                       NSIP .10 | .11 SNIP
172.16.124.0/24                 | .12 VIP
+-------+---------+------------++-----------+---------+
    .50 |     .51 |        .52 |        .53 |
        |         |            |            |
        |         |            |            |
    +---+--+  +---+---+  +-----+----+  +----+---+
    |      |  |       |  |          |  |        |
    | dc01 |  | web01 |  | client01 |  | adfs01 |
    |      |  |       |  |          |  |        |
    +------+  +-------+  +----------+  +--------+

To test NetScaler authentication: ensure the lab was created with variable environment WITH_NETSCALER set to true or execute provisioning files 03_populate_AD2.ps1 in DC01 and 05_populate_adfs.ps1 in ADFS01.

NetScaler configuration

After provisioning a NetScaler instance place a license file in the licenses directory (by default the script uses ns01.lic)

To connect to the NetScaler instance:

./NSConfig.ps1 -Connect

This command will completely reset your NetScaler instance to prepare it for a new configuration:

./NSConfig.ps1 -Reset
./NSConfig.ps1 -Bootstrap

Finally deploying the configuration is done with:

./NSConfig.ps1 -Verbose

If you do not require a full instance reset (with certificate file and license cleanup), you can use:

Clear-NSConfig -Level Full -Force; ./NSConfig.ps1 -Verbose

Those two commands allow for a faster feedback loop when working on the NetScaler configuration.

NetScaler configuration testing

To test the NetScaler configuration, just enter [https://www.extlab.local][https://www.extlab.local] into a browser in the client01 host.

Annex 2: Certificate generation

We use auto-signed SSL certificates in the lab. They are stored in the certs directory and where generated with the code present in Contrib\New-TestCertificates.ps1.

The ADFS Token Signing certificate is generated during ADFS installation and stored in the tmp directory. The certificate is then reused by the NetScaler configuration script. This directory's content is not committed to source control because each ADFS installation will be different.

Annex 3: Generating the lab's Windows base box

Vagrant uses base boxes to build virtual machines. To build the base box for this lab you will need to install [Packer][https://www.packer.io/] and :

git clone https://github.com/dbroeglin/packer-templates.git
cd packer-templates
packer build -force -only virtualbox-iso vbox-2012r2-wmf5.json

Once the base box is built, import it with the following command:

vagrant box add --name windows2012r2min-wmf5-virtualbox windows2012r2min-wmf5-virtualbox.box

You should be ready to go.

Before running packer, you might want to customize the build to your preferences. For instance, the keyboard layout can be changed here: https://github.com/dbroeglin/packer-templates/blob/master/scripts/postunattend.xml#L14

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].