You can try using another system to emulate a Windows DC if you wish. Please understand that there is a risk for you to do this. We have only tested our service scanner against a Windows AD, so if there is some quirk with your non-windows based solution that causes the service scanner not to register it, that will be something you will be responsible for.

As mentioned in the Scenario, your system will not only need to be able to bind via LDAP, but also need to issue Kerberos tickets in tandem.

Again, even if it works in your testing but not with our scanner, it’s on you to fix.

No.

Replacing the payroll application with another existing solution or scratching it and writing it from the ground up are not viable options for the purposes of this competition. Keep in mind we are trying to emulate a real IT department at a real company. Realistically you would not be able to come in a re-write all the company’s web apps. Even moving them to other existing solutions is not a trivial task, particularly for a payroll application.

Yes, you may reinstall the shell server if you would like. Your shell server must provide everything listed in the Scenario document.

No, you are required to use Windows to host Terminal Services.

This is largely to avoid scoring disputes due to green team and others being unfamiliar different systems.