I’m not as strong with Linux distributions as I am with Windows and macOS. Yet when I was recently presented with a question on how to bind Linux hosts to an existing Windows AD domain, I accepted the challenge and, along with it, the opportunity to pick up some more Linux experience and help a friend out.
Most IT professionals I meet are adamant about performing their duties with as little hands-on, physical presence as possible. This is not to say that they do not wish to get their hands dirty per se, but instead speaks more to the fact that IT typically has a lot on its plate, so working smarter, not harder, is always better than tying up all your resources on just one or two trouble tickets.
Just about any administrative task you wish to perform is possible from the powerful, robust command-line interface (CLI). This is one of the areas in which Linux really shines. Regardless of whether the commands are entered manually, remotely through SSH, or automatically piped in using scripts, the ability to manage Linux hosts natively is second to none. Armed with this new-found knowledge, we head directly to the CLI to resolve this problem.
Before diving into the crux of how to perform this domain bind, please note that I included two distinct (though quite similar) processes to accomplish this task. The process used will depend on what version of the Linux kernel your distribution of choice is based on: Debian or Red Hat (RHEL).
Joining Debian-based distros to Active Directory
Launch Terminal and enter the following command:
sudo apt-get install realmd
After ‘realmd’ installs successfully, enter the following command to join the domain:
realm join domain.tld --user username
Enter the password of the account with permissions to join devices to the domain, and press the Enter key. If the dependencies are not currently loaded onto the Linux host, the binding process will trigger them to be installed automatically.
Joining RHEL-based distros to Active Directory
Launch Terminal and enter the following command:
yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python -y
Once the dependencies install successfully, enter the following command to join the domain:
realm join domain.tld --user=username
After authentication occurs for the first time, Linux will automatically create the /etc/sssd/sssd.conf and /etc/krb5.conf files, as well as the /etc/krb5.keytab, which control how the system will connect to and communicate with Kerberos (the authentication protocol used by Microsoft’s Active Directory).
Note: The dependencies are installed with their default configurations. This may or may not work with your environment’s specific setup. Additional configuration may be necessary before domain accounts can be authenticated.
Confirm domain (realm) joined successfully
At the Terminal, enter the following command to list the domain, along with its configuration settings:
Alternatively, you can always check the properties of the computer object in the Active Directory Users and Computers snap-in to verify that it was both created and has the proper trust relationship established between host and AD.
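A join with default settings is worth auditing, since a fresh realmd join normally leaves logins open to every domain account. The script below is an added example, not part of the original article: it parses the output of realmd's `realm list` command and checks the permissions of the files the join creates. The domain example.com, the sample output and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `realm list` output after a domain join.
# SAMPLE is constructed output for a placeholder domain, example.com.
SAMPLE='example.com
  type: kerberos
  realm-name: EXAMPLE.COM
  domain-name: example.com
  configured: kerberos-member
  server-software: active-directory
  client-software: sssd
  login-formats: %U@example.com
  login-policy: allow-realm-logins'

# realm_field KEY: print the value of the first "KEY: value" line on stdin.
realm_field() {
    sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" | head -n 1
}

# audit_realm: read `realm list` output on stdin, print one finding per line.
audit_realm() {
    out=$(cat)
    configured=$(printf '%s\n' "$out" | realm_field configured)
    software=$(printf '%s\n' "$out" | realm_field server-software)
    policy=$(printf '%s\n' "$out" | realm_field login-policy)
    case "$configured" in
        kerberos-member) echo "OK: host is joined as a Kerberos member" ;;
        *) echo "FAIL: not joined (configured=${configured:-none})" ;;
    esac
    [ "$software" = "active-directory" ] ||
        echo "WARN: server-software is '${software:-unknown}'"
    case "$policy" in
        allow-permitted-logins) echo "OK: logins limited to permitted accounts" ;;
        deny-any-login) echo "OK: domain logins are denied" ;;
        allow-realm-logins|allow-any-login)
            echo "WARN: policy '$policy' does not restrict logins; narrow it with 'realm permit'" ;;
        *) echo "WARN: login-policy not reported" ;;
    esac
}

# check_mode FILE: SSSD requires an owner-only sssd.conf; the keytab holds the host's Kerberos keys.
check_mode() {
    [ -e "$1" ] || { echo "SKIP: $1 missing"; return 0; }
    perms=$(ls -ld "$1" | cut -c1-10)
    if [ "$perms" = "-rw-------" ]; then echo "OK: $1 is owner-only"
    else echo "WARN: $1 is $perms, expected -rw-------"; fi
}

printf '%s\n' "$SAMPLE" | audit_realm
for f in /etc/sssd/sssd.conf /etc/krb5.keytab; do check_mode "$f"; done
```

On a joined host, run it as root with `realm list | audit_realm` in place of the sample so that the findings reflect the live configuration.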