.::: How To Install Cursor and PowerAdmin for powerDNS :::.

after install powerdns as http://teguhth.blogspot.com/2019/08/how-to-install-powerdns-and-poweradmin.html now install poweradmin

1. Installing PowerAdmin to Manage PowerDNS
[root@powerdns-teguht ~]# yum -y install httpd php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mhash gettext

2. Install additonal package
[root@powerdns-teguht ~]# yum -y install php-pear-DB php-pear-MDB2-Driver-mysqli

.::: How to Install PowerDNS and Poweradmin on CentOS 7 :::.

PowerDNS (pdns) is an open source DNS server written in C++ and released under GPL License. It has become a good alternative for the traditional DNS server Bind, designed with better performance and low memory requirements. PowerDNS provides two products, the Authoritative server, and the Recursor. The PowerDNS Authoritative server can be configured through the different backend, including the plain Bind zone files, RDBMS such as MySQL, PostgreSQL, SQLite3 or LDAP.

1. Disable /allow firewall, selinux and add hosts
[root@powerdns-teguht data]# systemctl stop firewalld
[root@powerdns-teguht data]# systemctl disable firewalld
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
[root@powerdns-teguht data]#

.::: Block a domain using RPZ on Bind DNS server on CentOS 7 Redhat 7 8 9 :::.

Domain Name Service Response Policy Zones (DNS RPZ) is a method that allows a nameserver administrator to overlay custom information on top of the global DNS to provide alternate responses to queries. It is currently implemented in the ISC BIND nameserver (9.8 or later). Another generic name for the DNS RPZ functionality is "DNS firewall".

1. Create zone for block using RPZ

[root@server-teguht ~]# cat /var/named/rpz.db

$TTL 1D

@    IN SOA ns1.example.com. root.example.com. (

                                        0      ;   serial

                                        1D     ;   refresh

                                        1H     ;   retry

                                        1W      ;  expire

                                        3H )     ; minimum

.::: Join Domain Active Directory on Centos 7 / Redhat 7, 8, 9 :::.

In Most of the Organizations users and groups are created and managed on Windows Active Directory.  We can integrate our RHEL 7 and CentOS 7 servers with AD(Active Directory) for authenticate purpose. In other words we can join our CentOS 7 and RHEL 7 Server on Windows Domain so that system admins can login to these Linux servers with AD credentials. While creating UNIX users on AD we can map these users to a specific group so that level of access is controlled centrally from AD

1. Install Package realmd, sssd, samba dan kerberos
[root@radius-teguht ~]# yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python -y

2. additional IP, domain, hostname on /etc/hosts , and /etc/resolv.conf

[root@radius-teguht ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.10.10.102 radius-teguht
10.10.10.110  ad ad.teguht.com
[root@radius-teguht ~]#

.::: How to Install Webmin on CentOS/Redhat 7, 8, 9 :::.

Webmin is a web-based interface for system administration for Unix. Using any modern web browser, you can setup user accounts, Apache, DNS, file sharing and much more. Webmin removes the need to manually edit Unix configuration files like /etc/passwd, and lets you manage a system from the console or remotely. See the standard modules page for a list of all the functions built into Webmin.

1. download
[root@server /]# wget http://prdownloads.sourceforge.net/webadmin/webmin-1.920-1.noarch.rpm

.::: Repair Table & Database MySQL / MariaDB :::.

1. Repair table (sample graph_templates_graph ;)

use databasename

repair table tablename

mysql> use cacti;

Database changed

mysql>

mysql> repair table graph_templates_graph ;

+-----------------------------+--------+----------+----------+

| Table                       | Op     | Msg_type | Msg_text |

+-----------------------------+--------+----------+----------+

| cacti.graph_templates_graph | repair | status   | OK       |

+-----------------------------+--------+----------+----------+

1 row in set (0.06 sec)

mysql>

.::: Install & Configuring Free Tacacs Plus with Linux Systems Users Authentication on RHEL/CentOS 7,8,9 :::.

Tacacs Plus is an identity management solutions with a protocol for AAA services such as , authentication, authorization, accounting. It is used as a centralized authentication and identity access management to network devices. It is the protocols for security that can provide a specific authorization and centralized access to particular user to work with network devices.

1. Download freetacacs +

wget http://li.nux.ro/download/nux/misc/el7/x86_64/tac_plus-4.0.4.26-1.el7.nux.x86_64.rpm
wget http://li.nux.ro/download/nux/misc/el7/x86_64/tac_plus-debuginfo-4.0.4.26-1.el7.nux.x86_64.rpm
wget http://li.nux.ro/download/nux/misc/el7/x86_64/tac_plus-devel-4.0.4.26-1.el7.nux.x86_64.rpm

.::: Install elasticsearch, Kibana, Logtash, logtash, filebeat , Hearbeat :::.

1. Install Java

[root@radius-teguht data]# rpm -ivh jdk-12.0.1_linux-x64_bin.rpm

2. Install elasticsearch

[root@radius-teguht data]# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.8.2.rpm

[root@radius-teguht data]# rpm -ivh elasticsearch-6.8.2.rpm

.::: Install Freeradius 3 on Centos7/Redhat7, Redhat 8/ Centos 8 :::.

1. Disable SE Linux
[root@radius-teguht ~]# cat /etc/selinux/config | grep SELINUX=
# SELINUX= can take one of these three values:
SELINUX=disabled
[root@radius-teguht ~]#

2. Disable firewall
[root@radius-teguht ~]# systemctl stop firewalld
[root@radius-teguht ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)
[root@radius-teguht ~]#