Creating a DNS Stub Zone in Windows Server 2003/2008/2012

There comes a time when you may be required to integrate a more complex DNS infrastructure other than a policy of  “all requests come here and then go out to the web” for resolution.

Lets say, you work at Company X which operates a Windows DNS infrastructure of “”. Changes are you run a very similar principle to the above. Perhaps your DNS servers are your Active Directory Domain Controllers and when they are unable to resolve an address of, it simply forwards the DNS query out into the ether (perhaps this might go to your ISP or even direct to the root DNS servers around the world).
Continue reading “Creating a DNS Stub Zone in Windows Server 2003/2008/2012” »

Enhancing your logging capabilities with Splunk

If you come from a Linux or Unix background, reading through logs is something you come to expect. It is something you have developed quick and easy ways to filter through large volumes of information on the fly, but still doing this manually.

If you come from a Windows background, your understanding of logging is checking what is in the Windows Event Viewer or using Notepad to close/reopen a text file for a specific application you are running.

Splunk is a web based tool that can help you filter through all of those logs, but give you the exact results you are searching for.

This article will take you through setting up Splunk in your environment, and how to quickly search for information for exactly what you are looking for.

Continue reading “Enhancing your logging capabilities with Splunk” »

YubiRadius integration with group-validated Active Directory Users using LDAP

This article will show you how to set up the YubiRadius Virtual Appliance (v. 3.5.1) for User validation against a Microsoft Active Directory 2008R2 infrastructure.

You can obtain the YubiRadius Virtual Appliance from the good people over at Yubico, or just click here

This guide is not meant to show you how to configure a virtual appliance in your choice of Virtualization technology, although as I am using KVM, a special thanks to Gavin Spurgeon for getting this VA converted and working smoothly (even with virtio for the icing on the cake).

Continue reading “YubiRadius integration with group-validated Active Directory Users using LDAP” »

Web proxy filtering with SquidGuard – Using Active Directory group memberships

This guide will give you a walk through how to configure your existing Squid proxy server to provide content filtering capabilities for your Active Directory users.

This guide has been produced using Red Hat Enterprise Linux 6.3 and a Microsoft 2008r2 Active Directory domain.

If you currently do not have an existing Squid installation, you can follow my previous article on how to configure Squid for Active Directory authentication.

To start with, if you have read this far, you most likely already have an existing Squid installation on a server that has system authentication back to Active Directory. Follow the below steps to add Content Filtering with SquidGuard.

Continue reading “Web proxy filtering with SquidGuard – Using Active Directory group memberships” »