Syncing a Linux machine with Active Directory unlock benefits like seamless AD login, simplified asset management, and integrate your Linux machine into your company's existing environment, Here is a simple guide of how to do it :)
RPM Based Distributions (Centos/RHEL)
Setup dependencies
centos7:
yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python
centos8:
yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python-utils
Add to AD:
realm join --user=[domain user account] [domain name]
# realm join --user=myAdUser dev.com
in case of error, run journalctl as described in the error, to fix KDC has no support for encryption type enable Kerberos encryption support:
update-crypto-policies --set DEFAULT:AD-SUPPORT
Debian based systems (ubuntu)
Setup dependencies
sudo apt-get update
sudo apt-get install sssd-ad sssd-tools realmd adcli
Add to AD:
sudo realm -v discover [domain name]
# sudo realm -v discover dev.com
sudo realm join --user=[domain user account] [domain name]
# realm join --user=myAdUser dev.com
in case of error, run journalctl
as described in the error, to fix realm: Couldn't join realm: Necessary packages are not installed: sssd-tools sssd libnss-sss libpam-sss adcli even that they are installed run the following:
realm join --user=[domain user account] [domain name] --install=/
realm join --user=myAdUser dev.com
Sources
Top comments (0)