RSA Incident Response White Paper: Inside the Response of a Unique
CARBANAK Intrusion RSA Incident Response and Discovery Practice (RSA IR)
analysts spend a significant amount of time engaged in the research,
hunting, and effective response of advanc...
So, for what you are wanting to do, you will need at least +2 servers
for authentication (primary + backup). You have some options here:
Kerberos, OpenLDAP, 389, FreeIPA. You can run Linux-side centralized
authentication with auditing (and even non-r...
I would not recommend this AT ALL. Think about it, AD is the shortest
path of compromise in the majority of intrusions. Adding AD to Linux
hosts, and adding sudo for priv escalation, just ensures that if AD is
compromised, they also have a direct lin...
