Integrating Active Directory with Linux (RHEL / CentOS)
Most of the organisations uses Active Directory Domain Services or in short, ADDS, for management & administration of users. We can connect all the Windows system to the ADDS server & ADDS server can then be used to administer users, resources like printers etc & we can also implement group policies based on users or systems.
We can not only connect the Windows machine to ADDS server but we can also connect active directory with Linux machines. In this tutorial, we will be connecting Centos 7 machine to a Windows active directory server.
- A working Active Directory server based on either Windows server 2008 R2 or Windows server 2012,
- A Centos 7 (or RHEL 7) machine for connecting to ADDS server.
Step 1- Creating entries for ADDS server in hosts & resolv.conf file
Firstly, we have to make sure that we can resolve the name of our Active Directory server from the Centos 7 machine. To do that, we will create an entry for the server in ‘/etc/hosts’ file,
|$ vi /etc/hosts|
192.168.1.100 adds.ltechlab.com adds
Here, 192.168.1.100 is the IP address of the ADDS server &
Adds.ltechlab.com is the server name for ADDS server. After making an entry in hosts file, we will make another entry in ‘/etc/resolv.conf’ file as well,
|$ vi /etc/resolv.conf|
Save file & exit.
Step 2- Installing required packages
We will now move on to installing the packages that are required on Centos machine to connect it to the ADDS server,
|$ yum install realmd oddjob oddjob-mkhomedir sssd adcli openldap-clients policycoreutils-python samba-common samba-common-tools krb5-workstation|
Once these packages have been installed, we can then connect our Centos machine to Active directory server.
Step 3- Connecting to ADDS server
We will now use ‘realm’ command to connect our Centos machine to ADDS server, complete command that needs to executed is,
|$ realm join –user=administrator adds.ltechlab.com|
You will now be asked to enter the password for the user ‘administrator’, administrator is the user on Active directory which has the rights to connect our machine ADDS server. Upon successful authentication of user ‘administrator’, we would join the domain.
To check whether we have joined the domain or not, run
|$ realm list|
& we should get output something like,
login-formats: %[email protected]
This confirms that we are now part of a windows active directory domain & can now use the users that have been created via active directory to login to the Centos system.
Now all these AD users will work as local users on your Centos system, to grant the AD users the SUDO right, the process is similar as we do for the local users on any Centos machine i.e. we either create a group with SUDO access & add users to that group or we can either add all the users individually. For more detailed process, kindly check out our article on “GRANTING SUDO ACCESS TO USER ACCOUNTS IN RHEL & CENTOS”.
If you guys need any further explanation or have run into any trouble, please get in touch using the comment box below.