JEA(Just Enough Administration)

-

  

We will done this configuration by PowerShell,

Step 1

Open PowerShell in Domain controller and execute

New-PSSessionConfigurationFile -Path 'C:\Program Files\WindowsPowerShell\spooler_conf.pssc'

notepad 'C:\Program Files\WindowsPowerShell\spooler_conf.pssc'

After executed that command also execute this command to open notepad filev


 

Now Change the notepad file that have open. You should not change the all,

Just change I mention here  



 

Step-2

To Creating a folder for JEA execute this command

New-Item –Path 'C:\Program Files\WindowsPowerShell\Modules\JEA\RoleCapabilities' -ItemType Directory



 

 

Step-3 (Creating the PS Role Capability File for the Spooler Admins (psrc file):

Put this command in PowerShell

New-PSRoleCapabilityFile -Path 'C:\Program Files\WindowsPowerShell\Modules\JEA\RoleCapabilities\spooler_admins.psrc'

After executed that command also execute this command to open notepad file

notepad 'C:\Program Files\WindowsPowerShell\Modules\JEA\RoleCapabilities\spooler_admins.psrc'





 

Now Change the notepad file that have open. You should not change the all,

Just change I mention here  



 

 

 

Step-4 (Registering the Configuration)

To execute this step you have to create a group and a user under the group



Put this command in PowerShell

Register-PSSessionConfiguration -Name Spooler_Admins -Path 'C:\Program Files\WindowsPowerShell\spooler_conf.pssc'

Restart the spooler service

Restart-Service WinRM



We have done our ADDS configuration now logon into client as Spooler_Admins users

Step-5

Login as member user of Spooler_Admins group into a domain member machine and Open the PowerShell & execute below command

Enter-PSSession -ComputerName ADDS -ConfigurationName spooler_admins

Get-Command



Restart-Service spooler

whoami



 

Comments

Post a Comment

Popular posts from this blog

Static Routing Protocol Configuration

-
Image
  Router 1configuration Router> Router>enable Router#configure terminal Router(config)#int g0/0 Router(config-if)#ip add 10.0.0.1 255.255.255.0 Router(config-if)#no sh Router(config-if)#ex Router(config)# Router(config)#int g0/1 Router(config-if)#no sh Router(config-if)#ip add 172.0.0.1 255.255.255.252 Router(config-if)#ex Router(config)# Router(config)#ip route 192.168.0.0 255.255.255.0 172.0.0.2   Router 0 configuration Router>enable Router#configure terminal Router(config)#int g0/0 Router(config-if)#no sh Router(config-if)#ip address 172.0.0.2 255.255.255.252 Router(config-if)#ex Router(config)# Router(config)# Router(config)#int g0/1 Router(config-if)#no sh Router(config-if)#ip add 192.168.0.1 255.255.255.0 Router(config-if)#ex Router(config)# Router(config)# Router(config)#ip route 10.0.0.0 255.255.255.0 172.0...
Read more

BitLocker installation

-
Image
BitLocker isn’t just a feature for Windows desktop, laptop, and tablet computers. It’s also available for Windows Server as an installable feature. It is a great way to protect servers if you deal with remote locations or hard-to-secure server closets, or if you just want to protect the drives of racked servers. In this blog, we will see the Bitlocker Installation process At first install Bitlocker features, if not install Then Create a GPO and enable the policy   Now open the control panel and ensure that view by option should be “Large Icons” then follow the showing step   You must have share “Local Resource” to save the file Now restart the machine Here...
Read more

Backup & Restore process of CISCO Router

-
Image
Backup & Restore process of CISCO Router At first take, a look at Backup process: Router>en Router#conf t Router(config)# Router(config)#int g0/0 Router(config-if)# Router(config-if)#ip add 1.1.1.1 255.0.0.0 Router(config-if)#no sh Router(config-if)# Router(config-if)#ex Router(config)#ex Router#ping 1.1.1 .2   Put the IP address of the TFTP-Server Backup configuration on the Router0: Router(config)# Router(config)#Hostname Dhaka Dhaka(config)#int lo 1 Dhaka(config-if)#ip add 5.5.5.5 255.0.0.0 Dhaka(config-if)#ex Dhaka(config)#int lo 3 Dhaka(config-if)#ip add 6.6.6.6 255.0.0.0 Dhaka(config-if)#ex Dhaka(config)#exit Dhaka#copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK   Backup Configuration for running-config: ...
Read more