AIST3720 TechPrac

AIST3720 TechPrac02 Specs

25 pts - Linux Command Line Q&A

Visit this course in D2L and complete Quiz02 by the due date / time for this assignment. Note that you will have 15 questions each worth 2 pts so there is a bonus opportunity of up to 5 pts.
(25 pts) Scripting 'Old School'

Ref: (Video) Quick course in 'old school' scripting

Ref: (Text file) Example Linux bash script

Ref: (Text file) Example Windows bat script
1. Linux Version
  
  Using your xxxxLS1 VM install this text file as TP02.sh in your (admin login) home folder (not Documents). This bash script accepts exactly one parameter which is the name of the directory within Documents (of whichever user is running the script) to use for (re)creating a file named NewStuff.txt with some text. From your home folder, execute the script using sh TP02.sh Dir4TP02 capturing the results in a screen cap named SOS1LS.jpg (or other image format).
  
  Based on the example script create a new bash script TP02a.sh which accepts two parameters: the first is the directory name as before and the second is the file name (instead of always NewFile.txt) to (re)create. From your own login in your home folder execute the script using sh TP02a.sh Dir4TP02a Demo.txt capturing the results in a screen cap named SOS2LS.jpg.
  
  Copy TP02a.sh to TP02ash.txt (so it can be uploaded in D2L). Attach the two screen caps and TP02ash.txt to this assignment in D2L.
2. Windows Version
  
  Using your xxxxWS1 VM install this text file as TP02.bat in your (admin login) home folder (not Documents). This bat script accepts exactly one parameter which is the name of the directory within Documents (of whichever user is running the script) to use for (re)creating a file named NewStuff.txt with some text. From your home folder, execute the script using TP02 Dir4TP02 capturing the results in a screen cap named SOS1WS.jpg (or other image format).
  
  Based on the example script create a new bat script TP02a.bat which accepts two parameters: the first is the directory name as before and the second is the file name (instead of always NewFile.txt) to (re)create. From your own login in your home folder execute the script using TP02a Dir4TP02a Demo.txt capturing the results in a screen cap named SOS2WS.jpg.
  
  Copy TP02a.bat to TP02abat.txt (so it can be uploaded in D2L). Attach the two screen caps and TP02abat.txt to this assignment in D2L.
(25 pts) A look at environment variables

Ref: (Video) Environment variables intro

Ref: (Files) MyDir.bat (for Windows) and MyDir.sh (for Linux)

Develop a Word document named EnvironmentVariables101.docx. In paragraph one describe what environment variables are and briefly how an operating system, sys admins, and developers use them. In a second paragraph report the value of the HOME (Linux) and HOMEPATH (Windows) environment variables and describe what this variable value is providing. Include a third paragraph describing the PATH environment variable (used by both Linux and Windows); not its value but what it is used for.

Complete the following tasks in your VMs adding screen caps as indicated to your document.
1. In both your xxxxLS1 and xxxxWS1 servers add the user environment variable FAVCLASS and set its value to AIST3720 (naturally). Use the command line to show the value of your your FAVCLASS environment variables adding a screen cap of each result (one from each VM) to your document.
2. Save MyDir.bat in your xxxxWS1 VM in a directory that is part of the PATH but not your \Users\{LoginID} directory. Execute the script using a cmd or PowerShell console from your \Users\{LoginID} directory (i.e., make \Users\{LoginID} is your current working directory) without any path prefix (i.e., use the command MyDir.bat). The result should show where the script actually ran from; add a screen cap of your command and the result to your document.
3. Save MyDir.sh in your xxxxLS1 VM in a directory that is part of the PATH but not your /home/{LoginID} directory. Execute the script using terminal your /home/{LoginID} directory (i.e., make /home/{LoginID} is your current working directory) without any path prefix (i.e., use the command bash MyDir.sh). The result should show where the script actually ran from; add a screen cap of your command and the result to your document.
Attach your completed document to this assignment in D2L.
(25 pts) Configuring & using remote access
1. Windows Remote Desktop
  
  Ref: (Article) Enable Remote Desktop
  
  Ref: (Video) Configuring Windows Remote Desktop | Notes
  
  Addendum: In the video I ping my Windows server VM. Ping isn't required to setup Remote Desktop but to ping a Windows computer, some modifications to the server's firewall are needed. Visit Configure Windows Server to Respond to ping for guidance on setting this up if you are interested.
  
  Refs for connecting via RDP: (Videos) using remote desktop client from a Windows PC and using remote desktop client from a Mac
  
  Do the following in your xxxxWS1 Windows Server VM from your admin login:
  1. Check that your VM is using a NAT network connector and that the connection between your VM and host computer is active
  2. Enable Remote Desktop (RDP)
  3. Verify that the tuser login created earlier is still working
  4. Add a user with login ID ruser and full name Remote User (password and other details are up to you)
  5. Configure Remote Desktop so that only your admin login and ruser can RDP to your server (i.e., tuser cannot)
  From your host computer (while the VM is running) access your VM as ruser via a RDP client. Leave this session alive as you try to access your VM as tuser via a RDP client.
  
  Return to your Windows Server VM as admin and execute the following commands in a PowerShell console (you may want to verify that the event-log shows a failure for tuser to login and a success for ruser and query user shows your admin login and ruser as active):
```
Get-Date | Out-File .\DemoRDP.txt
$env:ComputerName | Out-File .\DemoRDP.txt -Append
$env:UserName | Out-File .\DemoRDP.txt -Append
Get-EventLog -LogName Security | `
    Where-Object {$_.Message.contains("tuser") -or $_.Message.contains("ruser")} | `
    Select-Object -Property TimeGenerated -ExpandProperty Message -first 20 | `
    Out-File .\DemoRDP.txt -Append
query user /server:$SERVER | Out-File .\DemoRDP.txt -Append
```
  Attach DemoRDP.txt to this assignment in D2L
2. Linux Secure Shell
  
  Ref: (Article) Enabling SSH in Ubuntu
  
  Ref: (Video) Configuring Linux Secure Shell | Notes
  
  Ref for connecting via SSH: (Article) How to Connect to an SSH Server from Windows, macOS, or Linux but note that Windows 10 now includes an SSH client so SSH can be used (as with connecting from Linux or a Mac) rather than using PuTTy.
  
  Do the following in your local VMware Linux VM from your admin login:
  1. Check that your VM is using a NAT network connector and that the connection between your VM and host computer is active
  2. Enable Secure Shell (SSH)
  3. Verify that the tuser login created earlier is still working
  4. Add a user with login ID ruser and full name Remote User (password and other details are up to you)
  5. Disable the firewall if it's active (for now, anyway)
  6. Configure SSH so that only your admin login and ruser can use SSH (i.e., tuser cannot)
  From your host computer (while the VM is running) access your VM as ruser via a SSH client. Leave this session alive as you try to access your VM as tuser via a SSH client.
  
  Return to your Linux VM as admin and execute the following commands in terminal (you may want to verify that the auth.log shows a failure for tuser to login and a success for ruser and w shows your admin login and ruser as active):
```
date > DemoSSH.txt
hostname >> DemoSSH.txt
whoami >> DemoSSH.txt
tail /var/log/auth.log >> DemoSSH.txt
w >> DemoSSH.txt
```
  Attach DemoSSH.txt to this assignment in D2L.
(25 pts) User Policies 101
1. Setting User Policies
  
  Ref: No video demo but something you should be able to accomplish from brief Server Policies 101 Notes and the readings for review from the agenda
  
  In your xxxxWS1 VM set the following policies for the computer and in your xxxxLS1 VM set them for the user tuser created in an earlier exercise. Policies should require
  1. users to change passwords every 180 days (FWIW research shows that requiring users to change passwords regularly leads to weaker passwords; but as task you should be able to do it)
  2. at least 10 days after a password change to change it again (not sure why something like this exists, really; again, as a task you should be able to do it)
  3. a strong password of 8 or more characters.
  4. automatic log off of users after 30 minutes or more of inactivity
  After setting policies
  1. In your xxxxWS1 Windows Server (without Active Directory) use commands date | hostname | whoami | net accounts (from the cmd console or Windows Powershell) and create a screen cap named WS1Pol.jpg of the results.
  2. In your xxxxLS1 Linux server execute the commands date | hostname | whoami | sudo chage -l tuser in a terminal creating a screen cap named LS1Pol.jpg with the results.
  Attach the two image files to this assignment in D2L
2. Password Policy Document
  
  Refs: A Free Password Policy Template | Password policy recommendations (Microsoft)
  
  Using (recommended) the template document from A Free Password Policy Template as a starting point develop a Word document named PasswordPolicy.docx proposes your guidelines for password policies in your company named AIST3720 OS & Sys Admin, Inc. Your document needs to include 3 references cited at the end of your policy (the two above can be used so find at least one more reference). For each point of your policy (e.g., the template's numbered items in Password Creation, Password Aging, and Password Protection) add a sentence or two with a rationale and identify which reference(s) support your policy.
  
  You will end up with maybe 1.5 to 2 pages single-spaced do if you are headed beyond that then pare back a bit. The important aspects are a clear policy and rationale along with a cited reference, not so much agreeing with some 'book answer' only the instructor has. Attach your completed document to this assignment in D2L.