Join Fedora 19 to Active Directory Domain using realmd
Senin, 07 Oktober 2013
0
komentar
http://funwithlinux.net/2013/09/join-fedora-19-to-active-directory-domain-realmd
For years, Linux administrators have been successfully using Samba winbind to integrate Linux with Active directory. While configuring a Linux host to join an Active Directory Domain is pretty simple, it still involves editing a few configuration files manually in most cases. The new software, realmd, changes all of that, and makes joining a Linux host to an Active Directory Domain easier than ever before!
I have installed F19 stable from Netinstall CD using minimal install, no desktop. Make sure your network and DNS settings are working, obviously.
To successfully join a Windows 2008r2 AD domain using NTLMv2, I have done the following:
yum install realmd
realm discover –verbose example.com
That will tell you what software you need to install (samba-common doesn’t show up, but it will if you try to join a domain and it’s not installed).
yum install sssd oddjob oddjob-mkhomedir adcli samba-common
realm join –client-software=sssd example.com -U mydomainadmin
That should prompt for a password, and if successful, absolutely nothing will be displayed on STDOUT.
To test if you have successfully joined the domain, use
getent passwd EXAMPLE\\mydomainuser
and you should get a long passwd line.
Now, if you want to only allow certain users to log in, you can run the next two commands:
realm deny –all
realm permit mydomainuser@example.com
For more information about logins (including groups!), check out the man page for realm.
Bonus tip: If you are used to adding AD groups to the sudoers file, the format has changed slightly from RHEL / CentOS 6. Use the following for groups:
%domain\ admins@example.com ALL=(ALL) ALL
I have installed F19 stable from Netinstall CD using minimal install, no desktop. Make sure your network and DNS settings are working, obviously.
To successfully join a Windows 2008r2 AD domain using NTLMv2, I have done the following:
yum install realmd
realm discover –verbose example.com
That will tell you what software you need to install (samba-common doesn’t show up, but it will if you try to join a domain and it’s not installed).
yum install sssd oddjob oddjob-mkhomedir adcli samba-common
realm join –client-software=sssd example.com -U mydomainadmin
That should prompt for a password, and if successful, absolutely nothing will be displayed on STDOUT.
To test if you have successfully joined the domain, use
getent passwd EXAMPLE\\mydomainuser
and you should get a long passwd line.
Now, if you want to only allow certain users to log in, you can run the next two commands:
realm deny –all
realm permit mydomainuser@example.com
For more information about logins (including groups!), check out the man page for realm.
Bonus tip: If you are used to adding AD groups to the sudoers file, the format has changed slightly from RHEL / CentOS 6. Use the following for groups:
%domain\ admins@example.com ALL=(ALL) ALL
You can skip to the end and leave a response. Pinging is currently not allowed.
TERIMA KASIH ATAS KUNJUNGAN SAUDARA
Judul: Join Fedora 19 to Active Directory Domain using realmd
Ditulis oleh Unknown
Rating Blog 5 dari 5
Semoga artikel ini bermanfaat bagi saudara. Jika ingin mengutip, baik itu sebagian atau keseluruhan dari isi artikel ini harap menyertakan link dofollow ke http://androidjapane.blogspot.com/2013/10/join-fedora-19-to-active-directory.html. Terima kasih sudah singgah membaca artikel ini.Ditulis oleh Unknown
Rating Blog 5 dari 5
0 komentar:
Posting Komentar