CentOS 7 domain join
travisdh1 last edited by scottalanmiller
Easy instructions, that actually work. Mostly just wanted to keep these around for later.
Source: Tater's Tech Blog
CentOS 7 Join Active Directory Domain
Before you begin ensure that the DNS on the Linux computer you wish to join to the domain is pointed to a the Active Directory server. Active Directory relies heavily on DNS to function.
STEP 1. Ensure the following packages are installed
yum -y install realmd sssd oddjob oddjob-mkhomedir adcli samba-common
STEP 2. From the computer you will join to the domain run realm discover to verify connectivity to the domain controllers.
[[email protected] ~] realm discover LAB.NET lab.net type: kerberos realm-name: LAB.NET domain-name: lab.net configured: kerberos-member server-software: active-directory client-software: sssd required-package: oddjob required-package: oddjob-mkhomedir required-package: sssd required-package: adcli required-package: samba-common login-formats: %U login-policy: allow-realm-logins
STEP 3. Join Active Directory domain, you must use an account which has privileges to join a computer the domain.
[[email protected] ~] realm join -U adminuser LAB.NET
STEP 4. Verify you can retrieve directory information for user
[[email protected] ~] id LAB\\ktest uid=522401118(ktest) gid=522400513(domain users) groups=522400513(domain users)
STEP 5. Verify the ability to perform a su to an Active Directory user
[[email protected] ~] su - ktest Last login: Sun Sep 20 05:21:42 CDT 2015 on pts/0 [[email protected] ~]$
STEP 6. To remove the requirement of fully qualifying the Active Directory username edit the sssd.conf file. After this change you will not be required to use DOMAIN\ when logging in as an Active Directory user.
[[email protected] ~] vi /etc/sssd/sssd.conf use_fully_qualified_names = False [[email protected] ~] systemctl restart sssd
wirestyle22 last edited by
This post is deleted!