I am currently working on setting up multiple environments for a new project (DEV, QA, and PROD) and will be integrating all of the servers with an Active Directory Domain Controller for user management.
Following are notes from when I configured a Fedora Core 18 laptop to integrate with an AD server. Things have likely changed somewhat since then, and I will update this as required for a current version of RHEL7/CentOS 7.
Run the following commands as a local user with root privileges:
. Installed necessary packages:
. # yum install sssd-tools adcli realmd
. sssd will not have the /etc/sssd/sssd.conf file installed until you join a domain (see below), so do not try to configure it before then.
. Disabled SELinux
. Perhaps SELinux can be re-enabled after joining and configuration?
. search for a realm:
# realm discover -v
* Looking up our DHCP domain
* Discovering for DHCP domain: somedomain.com
* Searching for kerberos SRV records for domain: _kerberos._udp.somedomain.com
* Searching for MSDCS SRV records on domain: _kerberos._tcp.dc._msdcs.somedomain.com
* server1.somedomain.com:88 server2.somedomain.com:88 server3.somedomain.com:88
* Found kerberos DNS records for: somedomain.com
* Found AD style DNS records for: somedomain.com
* Successfully discovered: somedomain.com
. joined the domain:
. # realm join -U admin --verbose somedomain.com
. allowed all lotame users to log in
. # realm permit --realm somedomain.com --all
. Add the home directory paths
. # mkdir /home/SOMEDOMAIN
. Enable sssd at boot (the systemd equivalent of chkconfig on):
. # systemctl enable sssd
. Log out from the local user account and then log in as a user in the domain:
. uid: SOMEDOMAIN\uid
. This will log you in as that user and create a home directory in /home/SOMEDOMAIN/uid
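An added example, not part of the original notes: a shell function that reads the login policy left in sssd.conf after the `realm permit` step and reports, per domain, whether logins are open to every domain user or limited to an allow list. It assumes realmd records the policy as `access_provider` in the `[domain/...]` section; the sample config and the names `qa.example` and `linux-admins` are constructed.

```shell
#!/bin/sh
# Added example: report the sssd login policy per [domain/...] section.
# sssd semantics used: access_provider defaults to "permit" (every user who
# authenticates gets in); "simple" without an allow list also admits everyone.
audit_sssd_access() {
    awk '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        function flush() {
            if (dom == "") return
            if (provider == "") provider = "permit"      # sssd default
            if (provider == "permit")                verdict = "OPEN"
            else if (provider == "deny")             verdict = "CLOSED"
            else if (provider == "simple" && allow)  verdict = "RESTRICTED"
            else if (provider == "simple")           verdict = "OPEN"
            else                                     verdict = "REVIEW"
            print dom, provider, verdict
        }
        /^[ \t]*[#;]/ { next }                            # comment lines
        /^[ \t]*\[/ {                                     # new section
            flush(); dom = ""; provider = ""; allow = 0
            if ($0 ~ /^[ \t]*\[domain\//) {
                dom = $0
                sub(/^[ \t]*\[domain\//, "", dom); sub(/\].*$/, "", dom)
            }
            next
        }
        dom != "" && index($0, "=") {                     # key = value
            key = trim(substr($0, 1, index($0, "=") - 1))
            val = trim(substr($0, index($0, "=") + 1))
            if (key == "access_provider") provider = val
            if (key ~ /^simple_allow_(users|groups)$/ && val != "") allow = 1
        }
        END { flush() }
    ' "$1"
}

# Constructed sample, not a real host configuration.
sample=$(mktemp) && trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
[sssd]
domains = somedomain.com, qa.example
[domain/somedomain.com]
id_provider = ad
access_provider = permit
[domain/qa.example]
id_provider = ad
access_provider = simple
simple_allow_groups = linux-admins
EOF
audit_sssd_access "$sample"
```

On a joined host, run it as root against /etc/sssd/sssd.conf. A REVIEW verdict means access is decided by another provider (for example `ad`), so the policy lives outside this file.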