Where do I start with replacing the whole MS AD stack
-
@JaredBusch said in Where do I start with replacing the whole MS AD stack:
@Donahue said in Where do I start with replacing the whole MS AD stack:
Apparently Fortigate wont let me create reservations outside of the lease pool. I even tried setting an excluded range, but it simply will not allow me to do it.
I can either:
- Get a different DHCP server
- Abandon using reservations
- Open the lease pool to the entire scope and live with the mixed results
- Open the lease pool to the entire scope and create 254 dummy reservations to be edited later.
My plan was to have 10.0.0.1/22 as my network, with the lease pool of 10.0.1.0 thru 10.0.3.254 and 10.0.0.2 thru 10.0.0.255 reserved for all these devices using reservations.
- replace fortigate
@Donahue Setup a DHCP/DNS VM and use VyOS, there is a awesome user guide for setting up DHCP and DNS.
-
For me this works and it is simple and not tied to anything but single Linux VM machine:
https://docs.saltstack.com/en/latest/ref/states/all/salt.states.win_lgpo.html
You dont even need to backup the VM, just remeber its IP cause if it fails, recreate a new one and it will receive requests on the same IP, you can make setting to auto accept keys and back it will accept all those clients and you can start controlling them again.
-
thanks for the info guys, I will take a look. I like the idea of using a VM.
-
@Donahue said in Where do I start with replacing the whole MS AD stack:
sing reservations.
I think your knowledge of FG is not allowing you to do this, just create a new interface with the desired subnet and leave or tick DHCP option. And they you can do it what you want with it. Create an IPv4 policy to give access to internet to the new interface.
