DavidRa

How-to Guide Joining Linux to Active Directory for Windows Admins

A Windows view of joining Linux to AD

  1. DavidRa

    DavidRa Infrastructure Architect

    Joined: Aug 3, 2015 | Messages: 245 | Likes Received: 104
    DavidRa submitted a new resource:

    Joining Linux to Active Directory for Windows Admins - A Windows view of joining Linux to AD

    #1
  2. capn_pineapple

    capn_pineapple Active Member

    Joined: Aug 28, 2013 | Messages: 341 | Likes Received: 74
    The following link is the guide I use for connecting our CentOS 7 VMs to our AD system.
    CentOS 7, Active Directory and Samba

    If you wanted to check/fix this guide for formatting etc and use it as a resource, it's probably a good idea.
     
    #2
  3. DebianFanatic

    DebianFanatic New Member

    Joined: May 9, 2018 | Messages: 3 | Likes Received: 0
    I believe your "realmd discover domain.example.com" and "realmd join --user=Daffy domain.example.com" commands should both be "realm ...", not "realmd ...".

    I was unable to join my Debian box to my "DOMAIN.local" domain, with little feedback as to why. "journalctl | grep realm" informed me that "SERVER.local" was not resolvable, which I traced to "/etc/nsswitch.conf" which contained the line:

    hosts: files mdns4_minimal [NOTFOUND=return] dns

    The "mdns4..." directive was interpreting my "DOMAIN.local" domain as a local Bonjour/Avahi domain, and then quitting the search when it didn't find a local computer by that name. Moving the "dns" directive to before the "mdns4..." directive solved that problem. (It's my understanding that having a domain named .local is a no-no according to standards, but that's not within my control.) I'm unsure if my fix is a good fix, or just one that works for me; I'm also unsure if just removing the "[NOTFOUND=return]" segment might not be a better (or at least alternative) solution.
     
    #3
  4. DebianFanatic

    DebianFanatic New Member

    What part of the steps in your outline creates an /etc/sssd directory and its requisite .conf file? In my tinkering, I moved /etc/sssd out of the way, and purged sssd, and then when I reinstalled sssd, it failed to create a new /etc/sssd directory and its .conf file. I can move my old /etc/sssd back into place, but I'd like to know how it got created originally, and why whatever created it originally is not recreating it after a purge/reinstall.

    Thanks!
     
    #4
  5. DebianFanatic

    DebianFanatic New Member

    It's the "realm join ...." command that creates the "/etc/sssd/sssd.conf" file. But it fails if the directory "/etc/sssd" does not already exist. I had to manually create the directory. I'm still wondering what is supposed to, and didn't, create the directory originally, but I'm okay to keep going as-is, for now.

    When I then tried to run the "realm join ..." command again, I was told I was already joined. Apparently the earlier attempt sort of worked. So I ran "realm leave" to leave the domain, and then ran the "realm join ..." command again, this time without errors.

    Making progress...! :)
     
    #5
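A pre-join check for the two failures reported in posts #3 and #5 (mDNS short-circuiting lookups for a ".local" AD domain, and a missing /etc/sssd directory), as an added example that is not part of the guide or of any post in this thread. The function names and the script name preflight.sh are hypothetical; the file paths are the ones quoted in the posts.

```shell
#!/bin/sh
# Added example: pre-join checks for the two failures reported in this thread.
# File locations are the ones quoted in the posts and can be overridden.

# Exit 0 when the "hosts:" line of nsswitch file $1 lists an mdns*_minimal
# source with [NOTFOUND=return] ahead of "dns", so a lookup for a .local name
# stops before unicast DNS is consulted. Exit 1 otherwise (or if no hosts line).
mdns_blocks_dns() {
    awk '
        $1 == "hosts:" {
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^#/ || $i == "dns") break
                if ($i ~ /^mdns[46]?_minimal$/ &&
                    toupper($(i + 1)) == "[NOTFOUND=RETURN]") { bad = 1; break }
            }
            exit
        }
        END { exit (bad ? 0 : 1) }
    ' "$1"
}

# preflight DOMAIN [NSSWITCH_FILE] [SSSD_DIR]
# Prints one line per problem; the return status is the number of problems.
preflight() {
    domain=$1 nss=${2:-/etc/nsswitch.conf} sssd=${3:-/etc/sssd} problems=0
    lc=$(printf '%s' "$domain" | tr '[:upper:]' '[:lower:]')
    case $lc in
        *.local)
            if mdns_blocks_dns "$nss"; then
                echo "WARN: $nss: mdns*_minimal [NOTFOUND=return] is ahead of dns; $domain lookups never reach DNS"
                problems=$((problems + 1))
            fi ;;
    esac
    if [ ! -d "$sssd" ]; then
        echo "WARN: $sssd does not exist; post #5 had to create it before 'realm join' succeeded"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Run directly (hypothetical file name):  sh preflight.sh DOMAIN.local
if [ "$#" -gt 0 ]; then preflight "$@"; fi
```
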
  6. DavidRa

    DavidRa Infrastructure Architect

    Yes, you're right; I've updated the guide document to fix this.

    As for .local domains - I suspect that's probably what you want, but it's not an area of expertise so I'll let someone who knows what they're talking about respond. I don't have .local domains - haven't for years - but annoyingly I had to migrate off an internal "x.earth" a couple of years back. That was the last "unowned" AD domain name.
     
    #6