Sep 03

Redirect non-www requests to www using AWS Route 53

Many web masters prefer to redirect non-www request to www. There are lots of different approaches for that and most famous one is using 301 redirection on the web server to handle this redirect part. Then what happen is, server must need to put extra processing for this redirection request.  If the server have to handle thousands of request, it would not be efficient method at all. If your domain NS (name servers) is hosted with AWS Route53, you can use their own proprietary alias “record” to solve this problem. The traditional DNS, you cannot do it at all and you have to used 301 redirect instead as I mentioned earlier. Other advantage of the redirection is SEO improvement as some search engine recognize www and non-www as two different web sites and this cause to penalize the domain considering website has duplicate content.
Here I’m going to demonstrate how to redirect non-www requests to www using AWS Route 53. So let’s look at.

1) create S3 bucket for naked domain

ex:- domain.com

2) Configure non-www request to www on AWS S3

i) Highlight previously created bucket

ii) From “Properties” expand “Static Website Hosting”

iii) Select “Redirect all request to another host name”

non-www to www redirect using AWS s3

3) Configure AWS Route53

i) select your domain from “hosted zones”

ii) point www to your server ip or ELB (Elastic Load Balancer) by creating new records

you may click on “Create Record Set” button

iii) select your naked domain record from the list

list may contains other records such MX, TXT as well, but you must select just your domain.
ex:- example.com.

when you select it, you can set following parameters from right hand side panel.

select Type as “A – IPV4 address” from drop down
select Alia as “YES
select Alias Target as previously created S3 bucket from drop down.

AWS Route53 Alias records

 

that’s how to do that. Comment here If you are having any question at all !    :-)

Aug 06

Adding users to Linux EC2 instance and give SSH access

The default AWS Linux EC2 instances come up with one user account such as centos, ubuntu etc  with sudo privileges.
However in complex environment you may be needed add more users to EC2 instance with different privileges. Here we are going to discuss
how to adding users to Linux EC2 instance and give SSH access to the accounts. At the end of the tutorial we give you a trick to make the user
into sudo user.

1) Create new user account

2) Switch into new user account

3) Generate new private key from AWS Account.

Log into AWS Account, then Goto “EC2” , next select “Key Pairs” under “NETWORK & SECURITY” which can find from left hand side.

EC2 key pair generator

4) How to obtain public key ??

i) Copy *.pem file into Linux machine.

ii) Run following command

This will will be asked to enter private key, then enter previously copied *.pem file

iii) Copy output file

example output :-

5) Create a .ssh directory for the authorized_keys file.

you may need to switch into “newuser”

6) Change the file permissions of the .ssh directory

7) Copy public key into authorized_keys and set permission to file

8) Log into server with .pem file

[root ~]$ssh -i your_private_key.pem newuser@remote.server.ip.address

ex :- ssh -i user.pem newuser@192.168.5.20

9) how to make new user into root or sudo user

this will require password, so we are going to disable this

log into remote server
type
#visudo

add following

Reference :- http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/managing-users.html

Jul 06

Remotely change local Administrator password on all domain computers

Even computer is joined with domain controller, Sysadmins are used to keep local Administrator account as a backup login account to log into the computer when domain controller is not available. However it is really important to change local Administrator password periodically to comply with company security standards.

Manually changing the local Admin password is very hard process, you can use GPOs but server 2012 and on wards this option is not available as passwords are stored on clear text without encrypting it, so in GPOs password field should be grey out if you are already checked that . If you are  using domain controller prior to server 2012 you can try GPO option methods read this for more details .However there are  lots of third party tools are available to make this process automate. Even Microsoft also introduce tool called  local administrator password solution (laps) which can be integrated with Group policies, but need to modify domain schema, however it will not discuss here, if you are interest about LAPS please follow this article of official Microsoft resource.

 

Here I’m going to shows you how to remotely change local Administrator password on all domain computers automatically without installing additional software or making no modification to domain controller. below is the our lab environment.

Domain controller :- WIndows server 2012 R2
Domain computers :- Windows 7,8,and 8.1

 

01) Get domain PCs

i) log into domain controller and open Powershell.

ii) type following command to get all client PCs managed by domain controller.

Copy output into notepad and save it as txt ex:- domainpc.txt

02) Download PSTools

Download latest tool set from here and extract it. Don’t forget to copy domainpc.txt into extract folder of PSTools.

03) Change Local Administrator password on computers

i) Open command prompt and go to extract PSTools folder.

ii) Type following command

[YOURDOMAIN] :- Active Directory domain Name
[REMOTE ADMIN ACCOUNT] :- this most probably ‘Administrator’ if you need to change other local account, specify it here
[NEW PASSWORD] :- New password for the account

ex:-

Once you enter the command it will ask Domain Administrator password, type the password and press enter if you need to get output into file, you need to append following to above command

ex:-

 

 

Older posts «

Fetch more items