Integrating Active Directory with Linux (RHEL / CentOS)

Last updated on March 12th, 2018 at 08:36 pm

Most organisations use Active Directory Domain Services, or ADDS for short, for the management & administration of users. We can connect all the Windows systems to the ADDS server, which can then be used to administer users and resources like printers, and we can also implement group policies based on users or systems.
Windows machines are not the only ones that can connect to an ADDS server; we can also integrate Active Directory with Linux machines. In this tutorial, we will connect a CentOS 7 machine to a Windows Active Directory server.

 

Pre-requisites

  • A working Active Directory server based on either Windows server 2008 R2 or Windows server 2012,
  • A Centos 7 (or RHEL 7) machine for connecting to ADDS server.

 

Step 1- Creating entries for ADDS server in hosts & resolv.conf file

 

Firstly, we have to make sure that we can resolve the name of our Active Directory server from the Centos 7 machine. To do that, we will create an entry for the server in ‘/etc/hosts’ file,

$ vi /etc/hosts
192.168.1.100 adds.ltechlab.com adds

Here, 192.168.1.100 is the IP address of the ADDS server & adds.ltechlab.com is its server name. After making the entry in the hosts file, we will make another entry in the ‘/etc/resolv.conf’ file as well,

$ vi /etc/resolv.conf
nameserver 192.168.1.100

Save file & exit.

 

Step 2- Installing required packages

 

We will now move on to installing the packages that are required on Centos machine to connect it to the ADDS server,

$ yum install realmd oddjob oddjob-mkhomedir sssd adcli openldap-clients policycoreutils-python samba-common samba-common-tools krb5-workstation

Once these packages have been installed, we can then connect our Centos machine to Active directory server.

 

Step 3- Connecting to ADDS server

 

We will now use the ‘realm’ command to connect our CentOS machine to the ADDS server. The complete command that needs to be executed is,

$ realm join --user=administrator adds.ltechlab.com

You will now be asked to enter the password for the user ‘administrator’. administrator is the Active Directory user that has the rights to connect our machine to the ADDS server. Upon successful authentication of the user ‘administrator’, the machine joins the domain.

To check whether we have joined the domain or not, run

$ realm list

and we should get output something like this,

ltechlab.com
type: kerberos
realm-name: LTECHLAB.COM
domain-name: ltechlab.com
configured: kerberos-member
server-software: active-directory
client-software: sssd
required-package: oddjob
required-package: oddjob-mkhomedir
required-package: sssd
required-package: adcli
required-package: samba-common-tools
login-formats: %U@ltechlab.com
login-policy: allow-realm-logins

 

This confirms that we are now part of a Windows Active Directory domain & can use the users that have been created in Active Directory to log in to the CentOS system.
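The check above can be scripted. The following is an added example, not part of the original tutorial: it parses ‘realm list’ output, confirms the join state, and flags the ‘allow-realm-logins’ policy, under which every domain account can log in. The function names and the embedded sample (constructed from the output shown above) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: post-join check that parses `realm list` output.
# SAMPLE_REALM_LIST is constructed from the output shown in this tutorial
# so the script runs offline.
SAMPLE_REALM_LIST='ltechlab.com
  type: kerberos
  realm-name: LTECHLAB.COM
  domain-name: ltechlab.com
  configured: kerberos-member
  server-software: active-directory
  client-software: sssd
  login-formats: %U@ltechlab.com
  login-policy: allow-realm-logins'

# realm_field OUTPUT KEY: print the value of the first "KEY: value" line
# (prints nothing if the key is absent). Hypothetical helper name.
realm_field() {
    while read -r rf_key rf_value; do
        if [ "$rf_key" = "$2:" ]; then
            printf '%s\n' "$rf_value"
            return 0
        fi
    done <<EOF
$1
EOF
}

# check_join OUTPUT DOMAIN: print findings; return 1 if the join looks wrong.
check_join() {
    cj_rc=0
    cj_domain=$(realm_field "$1" domain-name)
    cj_state=$(realm_field "$1" configured)
    cj_client=$(realm_field "$1" client-software)
    cj_policy=$(realm_field "$1" login-policy)
    if [ "$cj_domain" != "$2" ]; then
        echo "FAIL: domain-name is '${cj_domain:-none}', expected '$2'"; cj_rc=1
    fi
    if [ "$cj_state" != "kerberos-member" ]; then
        echo "FAIL: configured is '${cj_state:-none}', not kerberos-member"; cj_rc=1
    fi
    if [ "$cj_client" != "sssd" ]; then
        echo "FAIL: client-software is '${cj_client:-none}', expected sssd"; cj_rc=1
    fi
    if [ "$cj_policy" = "allow-realm-logins" ]; then
        echo "WARN: allow-realm-logins lets every domain account log in"
    fi
    return "$cj_rc"
}

# On a joined host: check_join "$(realm list)" ltechlab.com
check_join "$SAMPLE_REALM_LIST" ltechlab.com
```

If the warning is not what you intend, the ‘realm permit’ command can restrict logins to named users or groups.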

All these AD users will now work as local users on your CentOS system. To grant AD users sudo rights, the process is the same as for local users on any CentOS machine, i.e. we either create a group with sudo access & add users to that group, or we add the users individually. For a more detailed process, kindly check out our article on “GRANTING SUDO ACCESS TO USER ACCOUNTS IN RHEL & CENTOS”.

If you guys need any further explanation or have run into any trouble, please get in touch using the comment box below.


Shusain
