{"id":4965,"date":"2021-11-03T16:38:38","date_gmt":"2021-11-03T07:38:38","guid":{"rendered":"\/blog\/?p=4965"},"modified":"2023-09-21T09:26:28","modified_gmt":"2023-09-21T00:26:28","slug":"active-directory-%ec%84%9c%eb%b9%84%ec%8a%a4-%ec%84%a4%ec%b9%98-%eb%b0%8f-%ed%85%8c%ec%8a%a4%ed%8a%b8","status":"publish","type":"post","link":"https:\/\/hasu0707.duckdns.org\/blog\/?p=4965","title":{"rendered":"[Active Directory] \uc11c\ube44\uc2a4 \uc124\uce58 \ubc0f \ud14c\uc2a4\ud2b8"},"content":{"rendered":"\n1. \uc6a9\uc5b4 \uc124\uba85<\/strong>
  1) DN(Distinguished Name) : \ud2b9\uc815 \uc774\ub984\uc73c\ub85c \ucef4\ud4e8\ud130\ub97c domain\uc5d0 \uc800\uc7a5(\ud45c\uc900\ud615\uc2dd)
    Directory Srvice \uc5d0\uc11c \uac1c\uccb4\ub97c \uace0\uc720\ud558\uac8c \uc815\uc758\ud574 \uc8fc\ub294 \uc774\ub984
    ex) tistory.com \ub3c4\uba54\uc778\uc758 \uc5d4\uc9c0\ub2c8\uc5b4\ubd80 OU\uc5d0 \uc788\ub294 \ud64d\uae38\ub3d9 \uc0ac\uc6a9\uc790
    dn=\"cn=\ud64d\uae38\ub3d9,ou=\uc5d4\uc9c0\ub2c8\uc5b4\ubd80,dc=tistory,dc=com\"

  2) RDN(Relative DN) : DN\uc5d0\uc11c domain\uc744 \uc0dd\ub7b5\ud55c \uac83
    ex) OU=\uc5d4\uc9c0\ub2c8\uc5b4\ubd80

  3) CN(Canonical Name) : \ubcf4\uc5ec\uc9c0\ub294 \uc774\ub984
    ex) \ud64d\uae38\ub3d9

  4) OU(Organizational Unit) : \uc870\uc9c1 \uad6c\uc131 \ub2e8\uc704
    ex) \uc5d4\uc9c0\ub2c8\uc5b4\ubd80

  5) DC(Domain Component) : \ub3c4\uba54\uc778 \uad6c\uc131 \uc694\uc18c
    ex) dc=tistory,dc=com

  6) LDAP(Lightweight Directory Access Protocol)
    - \ub458 \uc774\uc0c1\uc758 DN\uc774 \uc815\ubcf4\ub97c \uc8fc\uace0 \ubc1b\uc744\ub54c \uc0ac\uc6a9\ud558\ub294 \ud504\ub85c\ud1a0\ucf5c

  7) SID (Security ID) : \ubcf4\uc548 ID-\uace0\uc720\ud55c \uc2dd\ubcc4\ubc88\ud638, \uc77c\ub828\ubc88\ud638 (\ub79c\ub364\ud558\uac8c \uc0dd\uc131)
    \u203bwindow\ub294 logon ID\uc640\ub294 \ub2e4\ub978 \uace0\uc720\ud55c \uc77c\ub828\ubc88\ud638\ub85c \uc800\uc7a5\ud55c\ub2e4.

  8) RID (Relative ID)
    \u203bSID\uc640 \ucef4\ud4e8\ud130 \uc774\ub984\uc758 \uc911\ubcf5\uc744 \ub9c9\uae30 \uc704\ud574 Domain\uc5d0\uc11c \ucd94\uac00\uc801\uc73c\ub85c \ubd80\uc5ec\ud558\ub294 \uc77c\ub828\ubc88\ud638

  9) GUID (Global Unique ID) : RID\uac00 \ubaa8\uc5ec\uc788\ub294 \uc77c\ub828\ubc88\ud638

2. \uc11c\ube44\uc2a4 \uc124\uce58<\/strong>
  \uc11c\ubc84 \uad00\ub9ac\uc790 > \uad00\ub9ac > \uc5ed\ud560 \ubc0f \uae30\ub2a5 \ucd94\uac00
  \uc124\uce58 \uc720\ud615: \uc5ed\ud560 \uae30\ubc18 \ub610\ub294 \uae30\ub2a5 \uae30\ubc18 \uc124\uce58
  \uc11c\ubc84 \uc120\ud0dd: \uc11c\ubc84 \uc120\ud0dd
  \uc11c\ubc84 \uc5ed\ud560: Active Directory \ub3c4\uba54\uc778 \uc11c\ube44\uc2a4 > \uae30\ub2a5 \ucd94\uac00
  \ud655\uc778: \uc124\uce58

3. \ubc30\ud3ec \uad6c\uc131<\/strong>
  \ubc30\ud3ec \uad6c\uc131: \uc0c8 \ud3ec\ub9ac\uc2a4\ud2b8\ub97c \ucd94\uac00\ud569\ub2c8\ub2e4. (\ub8e8\ud2b8 \ub3c4\uba54\uc778 \uc774\ub984: test.com)
  \ub3c4\uba54\uc778 \ucee8\ud2b8\ub864\ub7ec \uc635\uc158:
    \ud3ec\ub9ac\uc2a4\ud2b8 \uae30\ub2a5 \uc218\uc900: Windows Server 2012 R2
    \ub3c4\uba54\uc778 \uae30\ub2a5 \uc218\uc900: Windows Server 2012 R2
  DSRM(\ub514\ub809\ud130\ub9ac \uc11c\ube44\uc2a4 \ubcf5\uc6d0 \ubaa8\ub4dc) \uc554\ud638 \uc785\ub825
  \ucd94\uac00 \uc635\uc158: NetBIOS \ub3c4\uba54\uc778 \uc774\ub984: TEST
  \uacbd\ub85c: (\ub514\ud3f4\ud2b8 \uc14b\ud305)
  \uac80\ud1a0 \uc635\uc158: (\ub514\ud3f4\ud2b8 \uc14b\ud305)
  \ud544\uc218 \uad6c\uc131 \uc694\uc18c \ud655\uc778: \uc124\uce58 > \uc7ac\ubd80\ud305

4. \uc124\uce58 \uc644\ub8cc \ud6c4 \ub85c\uadf8\uc778<\/strong>
  TEST\\Administrator

5. OU(Organizational Unit) \ub9cc\ub4e4\uae30<\/strong>
  \uc11c\ubc84 \uad00\ub9ac\uc790 > \ub3c4\uad6c > Active Directory \uad00\ub9ac \uc13c\ud130
  Active Directory \uad00\ub9ac \uc13c\ud130 > test(test.com)
  test(\ub85c\uceec) > \uc0c8\ub85c \ub9cc\ub4e4\uae30 > \uc870\uc9c1 \uad6c\uc131 \ub2e8\uc704(Organizational Unit) > ou_test

6. \uc0ac\uc6a9\uc790 \ucd94\uac00<\/strong>
  Power Shell >

  # \ud328\uc2a4\uc6cc\ub4dc\ub97c \uc554\ud638\ud654\ud558\uc5ec \ubcc0\uc218\uc5d0 \uc800\uc7a5
  $password = \"P@ssW123\"
  $sec_pass = ConvertTo-SecureString $password -AsPlainText -Force

  # \uc0ac\uc6a9\uc790 \ucd94\uac00
  New-ADUser -Path \"ou=ou_test,dc=test,dc=com\" -Name \"kildong.hong\" -Surname \"Hong\" -GivenName \"Kildong\" -DisplayName \"Hong Kil-Dong\" -EmailAddress \"foo@foo.com\" -Title \"Manager\" -AccountPassword $sec_pass -Server \"localhost\" -Enabled $True -PasswordNeverExpires $True

  # \uc6d0\uaca9 \ub370\uc2a4\ud06c\ud0d1 \uc5f0\uacb0\uc744 \uc704\ud574 \"Remote Desktop Users\" \uadf8\ub8f9 \ucd94\uac00
  Net localgroup \"Remote Desktop Users\" \/add \"TEST\\kildong.hong\"

  \u203bTEST\\kildong.hong \uc73c\ub85c \ub85c\uadf8\uc778 \uac00\ub2a5.

7. \uc0ac\uc6a9\uc790 \ud655\uc778<\/strong>
  \uc11c\ubc84 \uad00\ub9ac\uc790 > \ub3c4\uad6c > Active Directory \uc0ac\uc6a9\uc790 \ubc0f \ucef4\ud4e8\ud130

8. \uc5f0\uacb0 \ud14c\uc2a4\ud2b8<\/strong>
  \ub3c4\uad6c: JXplorer(http:\/\/jxplorer.org\/<\/a>)

  File > Connect

  Host: 10.10.10.44
  Port: 389
  Protocol: LDAP v3
  Base DN: DC=test,DC=com

  Security\/Level: User+Password
  Security\/User: TEST\\Administrator
  Security\/Password: P@ssW123

9. Fortify SSC\uc5d0 \uc801\uc6a9<\/strong>
  9-1. LDAP \uc11c\ubc84 \ub4f1\ub85d
    ADMINISTRATION > Configuration > LDAP Servers > NEW

    Server Name: My LDAP Server
    Server URL: ldap:\/\/10.10.10.44:389
    Base DN: DC=test,DC=com
    Bind User DN: TEST\\Administrator
    Bind User Password: P@ssW123
  9-2. LDAP \uc0ac\uc6a9\uc790 \ucd94\uac00
    ADMINISTRATION > Users > LDAP > +ADD
    LDAP Entry: User<\/strong>
    Name: *<\/strong>\ub85c \uac80\uc0c9\ud558\uc5ec \uc0ac\uc6a9\uc790 \ucd94\uac00
    \ub85c\uadf8\uc778 \ud14c\uc2a4\ud2b8 \uc9c4\ud589

<\/span>\n","protected":false},"excerpt":{"rendered":"

1. \uc6a9\uc5b4 \uc124\uba85  1) DN(Distinguished Name) : \ud2b9\uc815 \uc774\ub984\uc73c\ub85c \ucef4\ud4e8\ud130\ub97c domain\uc5d0 \uc800\uc7a5(\ud45c\uc900\ud615\uc2dd)    Directory Srvice \uc5d0\uc11c \uac1c\uccb4\ub97c \uace0\uc720\ud558\uac8c \uc815\uc758\ud574 \uc8fc\ub294 \uc774\ub984    ex) tistory.com \ub3c4\uba54\uc778\uc758 \uc5d4\uc9c0\ub2c8\uc5b4\ubd80 OU\uc5d0 \uc788\ub294 \ud64d\uae38\ub3d9 \uc0ac\uc6a9\uc790    dn=”cn=\ud64d\uae38\ub3d9,ou=\uc5d4\uc9c0\ub2c8\uc5b4\ubd80,dc=tistory,dc=com”   2) RDN(Relative DN) : DN\uc5d0\uc11c domain\uc744 \uc0dd\ub7b5\ud55c \uac83    ex) OU=\uc5d4\uc9c0\ub2c8\uc5b4\ubd80   3) CN(Canonical Name) : \ubcf4\uc5ec\uc9c0\ub294 \uc774\ub984    ex) \ud64d\uae38\ub3d9   […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_import_markdown_pro_load_document_selector":0,"_import_markdown_pro_submit_text_textarea":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[66,40],"tags":[70,72,69,71],"class_list":["post-4965","post","type-post","status-publish","format-standard","hentry","category-computing_fortify","category-os_win","tag-ad","tag-fortify","tag-ldap","tag-ssc"],"_links":{"self":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4965","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4965"}],"version-history":[{"count":0,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4965\/revisions"}],"wp:attachment":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4965"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4965"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4965"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}