Integrating a Linux machine into an Active Directory (AD) domain enables centralized authentication and resource management, making it easier to manage users and permissions in a Windows-dominated enterprise environment. Here’s how to achieve this integration step by step.
Before proceeding, ensure you have:
🔍A Linux machine with sudo/root privileges
🔍An Active Directory domain (e.g., yourdomain.com)
🔍A domain user account with permission to join devices to AD
🔍Network connectivity to the AD domain controller
Step 1: Install Required Packages
On Ubuntu/Debian-based systems, install the necessary packages:
sudo apt update && sudo apt install realmd sssd adcli samba-common-bin oddjob oddjob-mkhomedir packagekit
For RHEL/CentOS-based systems:
sudo yum install realmd sssd adcli samba-common oddjob oddjob-mkhomedir packagekit
Step 2: Discover the AD Domain
Use the realm command (provided by the realmd package) to check if your Linux machine can discover the AD domain:
realm discover yourdomain.com
Step 3: Join the Domain
Run the following command, replacing domainadmin with your AD admin account:
sudo realm join --user=domainadmin yourdomain.com
Enter the password when prompted.
Step 4: Verify the Join Status
Check if the system is now part of the domain:
realm list
Step 5: Configure SSSD
Ensure the /etc/sssd/sssd.conf file is correctly configured (example.com below stands in for your own domain):
[sssd]
domains = example.com
config_file_version = 2
services = nss, pam
[domain/example.com]
ad_domain = example.com
krb5_realm = EXAMPLE.COM
realmd_tags = manages-system joined-with-samba
Restart the SSSD service:
sudo systemctl restart sssd
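A check worth running on the Step 5 file before that restart, as an added example that is not part of the original guide: it verifies the file mode, that every domain listed under [sssd] has its own [domain/...] section, and that krb5_realm is the upper-case form of ad_domain. The names check_sssd_conf and demo are hypothetical, and the 0600 expectation is the conservative root-only setting SSSD has traditionally required.

```shell
#!/usr/bin/env bash
# Added example (not from the original guide): sanity-check an sssd.conf like
# the one in Step 5. Prints findings; returns 0 only when there are none.
check_sssd_conf() {
  local conf=$1 rc=0 mode
  mode=$(stat -c '%a' "$conf") || return 2      # GNU stat, as on Linux
  if [ "$mode" != "600" ]; then
    echo "FAIL: mode is $mode, expected 600 (readable by root only)"; rc=1
  fi
  awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    /^[ \t]*$/ || /^[ \t]*[#;]/ { next }          # blank lines and comments
    /^[ \t]*\[/ { sec = trim($0); gsub(/^\[|\]$/, "", sec); seen[sec] = 1; next }
    {
      eq = index($0, "="); if (eq == 0) next
      key = trim(substr($0, 1, eq - 1)); val = trim(substr($0, eq + 1))
      if (sec == "sssd" && key == "domains") n = split(val, want, /[ \t]*,[ \t]*/)
      if (sec ~ /^domain\// && key == "ad_domain")  ad[sec] = val
      if (sec ~ /^domain\// && key == "krb5_realm") realm[sec] = val
    }
    END {
      if (n == 0) { print "FAIL: [sssd] lists no domains"; bad = 1 }
      for (i = 1; i <= n; i++) {
        s = "domain/" want[i]
        if (!(s in seen)) { print "FAIL: no [" s "] section"; bad = 1; continue }
        d = (s in ad) ? ad[s] : want[i]   # ad_domain defaults to the section name
        # AD Kerberos realms are the upper-case domain name; realms are case-sensitive.
        if ((s in realm) && realm[s] != toupper(d)) {
          print "FAIL: [" s "] krb5_realm=" realm[s] " but ad_domain=" d; bad = 1
        }
      }
      exit bad + 0
    }' "$conf" || rc=1
  return $rc
}

# Constructed sample mirroring Step 5, with the realm deliberately in lower case.
demo() {
  local f rc; f=$(mktemp); chmod 600 "$f"
  printf '%s\n' '[sssd]' 'domains = example.com' '[domain/example.com]' \
    'ad_domain = example.com' 'krb5_realm = example.com' > "$f"
  check_sssd_conf "$f"; rc=$?; rm -f "$f"; return $rc
}

# Usage: bash check_sssd.sh /etc/sssd/sssd.conf   (run with sudo to read the file)
if [ "$#" -gt 0 ]; then check_sssd_conf "$1"; fi
```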
Step 6: Enable Home Directory Creation
To allow domain users to have home directories created automatically, enable and restart the oddjobd service:
sudo systemctl enable oddjobd
sudo systemctl restart oddjobd
Step 7: Test Domain Login
su - domainuser@yourdomain.com
If the login succeeds, your Linux machine is joined to the Active Directory domain.