
LinuxTechLab.com

Integrating Active Directory with Linux (RHEL / CentOS)

Originally published on LinuxTechLab.com

Most organisations use Active Directory Domain Services (ADDS for short) to
manage and administer users. We can connect all the Windows systems to the
ADDS server, which can then be used to administer users and resources such as
printers, and to implement group policies based on users or systems.

Windows machines are not the only ones that can connect to an ADDS server;
Linux machines can be joined to Active Directory as well. In this tutorial, we
will connect a CentOS 7 machine to a Windows Active Directory server.

Pre-requisites

A working Active Directory server based on either Windows Server 2008 R2 or Windows Server 2012,
A CentOS 7 (or RHEL 7) machine for connecting to the ADDS server.

Step 1- Creating entries for ADDS server in hosts & resolv.conf file

Firstly, we have to make sure that we can resolve the name of our Active Directory
server from the CentOS 7 machine. To do that, we will create an entry for the server in
the /etc/hosts file,
$ vi /etc/hosts
192.168.1.100 adds.ltechlab.com adds

Here, 192.168.1.100 is the IP address of the ADDS server & adds.ltechlab.com is the
server name of the ADDS server. After making the entry in the hosts file, we will make
another entry in the /etc/resolv.conf file as well,
$ vi /etc/resolv.conf
nameserver 192.168.1.100
Save the file & exit.

Step 2- Installing required packages

We will now move on to installing the packages that are required on the CentOS machine
to connect it to the ADDS server,
$ yum install realmd oddjob oddjob-mkhomedir sssd adcli openldap-clients policycoreutils-python samba-common samba-common-tools krb5-workstation

Once these packages have been installed, we can connect our CentOS machine to the
Active Directory server.

Step 3- Connecting to ADDS server

We will now use the realm command to connect our CentOS machine to the ADDS server.
The complete command that needs to be executed is,
$ realm join --user=administrator adds.ltechlab.com

You will now be asked to enter the password for the user administrator; administrator
is the Active Directory user that has the rights to connect our machine to the ADDS
server. Upon successful authentication of the user administrator, the machine joins
the domain.

To check whether we have joined the domain, run
$ realm list

We should get output something like this,
ltechlab.com
  type: kerberos
  realm-name: LTECHLAB.COM
  domain-name: ltechlab.com
  configured: kerberos-member
  server-software: active-directory
  client-software: sssd
  required-package: oddjob
  required-package: oddjob-mkhomedir
  required-package: sssd
  required-package: adcli
  required-package: samba-common-tools
  login-formats: %U@ltechlab.com
  login-policy: allow-realm-logins

This confirms that we are now part of a Windows Active Directory domain & can use
the users that have been created in Active Directory to log in to the CentOS system.

All these AD users will now work like local users on your CentOS system. To grant AD
users sudo rights, the process is the same as for local users on any CentOS
machine, i.e. we either create a group with sudo access & add users to that group, or
we add the users individually. For a more detailed process, kindly check out our
article on GRANTING SUDO ACCESS TO USER ACCOUNTS IN RHEL & CENTOS.
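
The `realm list` check from Step 3 can be scripted so that a provisioning job fails when the join did not take, and so that the effective login policy is visible. This is an added example, not part of the original article; the function names `realm_field` and `check_join` are assumptions, and the sample input is the tutorial's own output, trimmed.

```shell
#!/bin/sh
# Added example (not from the original article): verify a realmd join.

# Sample input: the `realm list` output shown in this tutorial, trimmed.
SAMPLE='ltechlab.com
  type: kerberos
  realm-name: LTECHLAB.COM
  domain-name: ltechlab.com
  configured: kerberos-member
  server-software: active-directory
  client-software: sssd
  login-formats: %U@ltechlab.com
  login-policy: allow-realm-logins'

# realm_field DOMAIN KEY (hypothetical helper): reads `realm list` output on
# stdin, prints the value of KEY inside DOMAIN's block. A line without ": "
# is taken as the realm name that opens a new block.
realm_field() {
    awk -v dom="$1" -v key="$2" '
        { line = $0; gsub(/^[ \t]+|[ \t]+$/, "", line) }
        line == "" { next }
        index(line, ": ") == 0 { inblock = (line == dom); next }
        inblock && index(line, key ": ") == 1 { print substr(line, length(key) + 3) }'
}

# check_join DOMAIN (hypothetical helper): reads `realm list` output on stdin;
# returns 0 only if the host is a kerberos-member of DOMAIN using sssd.
check_join() {
    out=$(cat)
    configured=$(printf '%s\n' "$out" | realm_field "$1" configured)
    client=$(printf '%s\n' "$out" | realm_field "$1" client-software)
    policy=$(printf '%s\n' "$out" | realm_field "$1" login-policy)
    if [ "$configured" != "kerberos-member" ]; then
        echo "FAIL: $1 configured=${configured:-absent}"; return 1
    fi
    if [ "$client" != "sssd" ]; then
        echo "FAIL: $1 client-software=${client:-absent}"; return 1
    fi
    echo "OK: joined $1 (client=$client, login-policy=${policy:-unknown})"
    # allow-realm-logins does not limit logins to a permitted list of accounts.
    [ "$policy" != "allow-realm-logins" ] || echo "NOTE: logins are not restricted to a permitted list"
    return 0
}

# On a joined host: realm list | check_join ltechlab.com
printf '%s\n' "$SAMPLE" | check_join ltechlab.com
```
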
