Monday 19 July 2021

How to Integrate CentOS 7 with Windows AD - Realmd



Realmd widely used to discover and joining objects into windows domain controller. CentOS7 machines can be integrated with AD (Active Directory) for centralized authentications and users/groups level access can be managed through centralized AD controller.
This article describes How to Integrate CentOS7 with Windows AD - Realmd
 
Step 1. Package Installation: Run the following command to install realmd related packages:
 
[root@linuxcnf ~]# yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common-tools krb5-workstation
Loaded plugins: fastestmirror
…………………………
Installed:
  adcli.x86_64 0:0.8.1-16.el7_9.1       krb5-workstation.x86_64 0:1.15.1-50.el7          oddjob.x86_64 0:0.31.5-4.el7        oddjob-mkhomedir.x86_64 0:0.31.5-4.el7
  realmd.x86_64 0:0.16.1-12.el7_9.1     samba-common-tools.x86_64 0:4.10.16-15.el7_9     sssd.x86_64 0:1.16.5-10.el7_9.8
 
Dependency Installed:
  avahi-libs.x86_64 0:0.6.31-20.el7                       c-ares.x86_64 0:1.10.0-3.el7                          ………………………..
 
Complete!
[root@linuxcnf ~]#
 
Step 2. Configure DNS: Run the following command and add DNS in resolv.conf file:
 
[root@linuxcnf ~]# vi /etc/resolv.conf
# Generated by NetworkManager
search dc-node1.linuxcnf.com
nameserver 192.168.1.103
……………………..
[root@linuxcnf ~]#
 
Step 3. AD Integration: Before running the below command create an object on AD for the client machine and run the below command on client machine to integrate the machine with AD:
 
[root@linuxcnf ~]# realm –user=ad-user dc-node1.linuxcnf.com
Password for ad-user:
[root@linuxcnf ~]#
 
Step 4. Validate AD Integration: Run the following command to verify the AD integration:
 
[root@linuxcnf ~]# id ad-user@dc-node1.linuxcnf.com
uid=2004934419(ad-user@dc-node1.linuxcnf.com) gid=2004930801(domain users@dc-node1.linuxcnf.com) groups=2004930801(domain users@dc-node1.linuxcnf.com)
…………………….
[root@linuxcnf ~]#
 
Done!!! CentOS7 machine is integrated with windows active directory.

No comments:

Post a Comment