Linux OPS series one CentOS 7 desktop system added to SAMBA4 AD domain environment

Source: Internet
Author: User
Tags gtk tld

This article describes how to use the AUTHCONFIG-GTK tool to join the CentOS 7 desktop system to the SAMBA4 AD domain environment and log on to the CentOS system using a domain account.

Requirements

1. Create Active Directory schema using SAMBA4 in Ubuntu system

2. CentOS 7.3 Installation Guide

First step: Configure SAMBA4 AD DC in the CentOS system

1. Before adding CentOS 7 to the SAMBA4 domain environment, you must first configure the network environment of the CentOS system to ensure that DNS can be resolved to the domain name in the CentOS system.

Turn on network settings and turn off the wired network card. Open the Settings button below and manually edit the network settings to specify the IP address of the SAMBA4 AD DC server for DNS.

After Setup is complete, apply the configuration and turn on the wired network card.

Network settings

Configure the Network

2. Next, open the network configuration file and add a row of domain name information at the end of the file. This ensures that when you use only the hostname to query DNS records in the domain, the DNS resolver automatically adds the domain name.

    1. $ sudo vi/etc/sysconfig/network-scripts/ifcfg-eno16777736

Add the following line:

    1. Search= "Your_domain_name"

NIC Configuration

3. Finally, restart the NIC service to apply the changes and verify that the parser configuration file is configured correctly. We verify that DNS resolution works by using the ping command plus the host name or domain name of the DC server.

    1. $ sudo systemctl Restart network
    2. $ cat/etc/resolv.conf
    3. $ ping-c1 ADC1
    4. $ PING-C1 ADC2
    5. $ ping Tecmint.lan

Verify that the network configuration is healthy

4. At the same time, use the following command to configure your host name, and then restart your computer to apply the changes:

    1. $ sudo hostnamectl set-hostname your_hostname
    2. $ sudo init 6

Use the following command to verify that the host name is configured correctly:

    1. $ cat/etc/hostname
    2. $ hostname

5, the final step configuration is to use the following command to ensure that the system time with the SAMBA4 AD DC server time synchronization:

    1. $ sudo yum install ntpdate
    2. $ sudo ntpdate-ud domain.tld

Step Two: Install the necessary packages to join SAMBA4 AD DC

6, in order to add CentOS 7 to the Active Directory domain, you need to use the following command to install the relevant package:

    1. $ sudo yum install Samba samba Samba-winbind krb5-workstation

7. Finally, install the graphical interface package provided in the CentOS repositories: AUTHCONFIG-GTK. The software is used to integrate the CentOS system into a domain environment.

    1. $ sudo yum install AUTHCONFIG-GTK

Step three: Integrating the CentOS 7 desktop system into the SAMBA4 AD DC domain environment

8, the process of joining CentOS to the domain is very simple. Use a root account to open the AUTHCONFIG-GTK program at the command line, and then modify the configuration as shown:

    1. $ sudo authconfig-gtk

To open the identity or Authentication Configuration page:

    • User account Database: Select Winbind
    • Winbind domain: Your domain name
    • Safe Mode: ADS
    • Winbind ADS domain: your domain name. Tld
    • Domain controller: domain-controlled server's full domain name
    • Default Shell:/bin/bash
    • Tick Allow offline login

Domain Authentication Configuration

To open the Advanced Options Configuration page:

    • Local authentication option: Support fingerprint identification
    • Other authentication options: User first login to create home directory

Advanced Authentication Configuration

9, after modifying the above configuration, return to the identity or Authentication Configuration page, click the Join the Domain button, in the pop-up box point to save.

Identities and Certifications

Save the authentication configuration

10. After saving the configuration, you will be prompted to provide domain administrator information to join the CentOS system to the domain. Enter the domain Administrator account number and password, click the OK button, join the domain to complete.

Join Winbind domain environment

11. After joining the domain, click the Apply button to have the configuration take effect, select all windows and restart the machine.

Application Authentication Configuration

12. To verify that CentOS has successfully joined the SAMBA4 ad DC, you can open the AD Users and Computers tool on the Windows machine where the RSAT tool is installed and click on the computer in the domain.

You will see the CentOS host information on the right.

Active Directory Users and Computers

Fourth step: Log in to the CentOS desktop system using the SAMBA4 AD DC account

13, choose to use another account, and then enter a domain account and password to log in, as shown:

    1. DOMAIN\domain_account
    2. Or
    3. [Email protected]

Use other accounts

Enter the domain user name

14, in the CentOS system command line, you can also use any of the following ways to switch to the domain account to log in:

    1. $ su-domain\domain_user
    2. $ SU-[email protected]

Sign in with a domain account

Log in using a domain account mailbox

15. To add root permissions for a domain user or group, open the Sudoers configuration file under the command line using the root account, and add the following line:

    1. Your_domain\\domain_username all= (all:all) all #For DOMAIN users
    2. %your_domain\\your_domain\ Group All= (all:all) all #For DOMAIN groups

Specify user and user group permissions

16. Use the following command to view the domain controller information:

    1. $ sudo net ads info

viewing domain controller information

17. You can use the following command on the machine where the Winbind client is installed to verify that the trust relationship after CentOS joins the SAMBA4 AD DC is normal:

    1. $ sudo yum install samba-winbind-clients

Then, perform some of the following commands to view information about the SAMBA4 AD DC:

    1. $ wbinfo-p # # # Ping Domain name
    2. $ wbinfo-t # # # Check Trust relationship
    3. $ wbinfo-u # # # list domain user accounts
    4. $ wbinfo-g # # # list Domain Users group
    5. $ wbinfo-n Domain_account # # # View SID information for a domain account

View SAMBA4 AD DC Information

18. If you want to get the CentOS system out of the domain, use an account with administrator privileges to execute the following command, followed by the domain name and domain administrator account, as shown in:

    1. $ sudo net ads leave Your_domain-u domain_admin_username

Exit SAMBA4 AD Domain

This article is written here! Although the above steps are to join the CentOS 7 system to the SAMBA4 AD DC domain, these steps also apply to adding a CentOS 7 desktop system to Microsoft Windows Server 2008 or 201 2 in the domain.

Linux OPS series one CentOS 7 desktop system added to SAMBA4 AD domain environment

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.