This article describes how to use the AUTHCONFIG-GTK tool to join the CentOS 7 desktop system to the SAMBA4 AD domain environment and log on to the CentOS system using a domain account.
Requirements
1. Create Active Directory schema using SAMBA4 in Ubuntu system
2. CentOS 7.3 Installation Guide
First step: Configure SAMBA4 AD DC in the CentOS system
1. Before adding CentOS 7 to the SAMBA4 domain environment, you must first configure the network environment of the CentOS system to ensure that DNS can be resolved to the domain name in the CentOS system.
Turn on network settings and turn off the wired network card. Open the Settings button below and manually edit the network settings to specify the IP address of the SAMBA4 AD DC server for DNS.
After Setup is complete, apply the configuration and turn on the wired network card.
Network settings
Configure the Network
2. Next, open the network configuration file and add a row of domain name information at the end of the file. This ensures that when you use only the hostname to query DNS records in the domain, the DNS resolver automatically adds the domain name.
- $ sudo vi/etc/sysconfig/network-scripts/ifcfg-eno16777736
Add the following line:
- Search= "Your_domain_name"
NIC Configuration
3. Finally, restart the NIC service to apply the changes and verify that the parser configuration file is configured correctly. We verify that DNS resolution works by using the ping command plus the host name or domain name of the DC server.
- $ sudo systemctl Restart network
- $ cat/etc/resolv.conf
- $ ping-c1 ADC1
- $ PING-C1 ADC2
- $ ping Tecmint.lan
Verify that the network configuration is healthy
4. At the same time, use the following command to configure your host name, and then restart your computer to apply the changes:
- $ sudo hostnamectl set-hostname your_hostname
- $ sudo init 6
Use the following command to verify that the host name is configured correctly:
- $ cat/etc/hostname
- $ hostname
5, the final step configuration is to use the following command to ensure that the system time with the SAMBA4 AD DC server time synchronization:
- $ sudo yum install ntpdate
- $ sudo ntpdate-ud domain.tld
Step Two: Install the necessary packages to join SAMBA4 AD DC
6, in order to add CentOS 7 to the Active Directory domain, you need to use the following command to install the relevant package:
- $ sudo yum install Samba samba Samba-winbind krb5-workstation
7. Finally, install the graphical interface package provided in the CentOS repositories: AUTHCONFIG-GTK. The software is used to integrate the CentOS system into a domain environment.
- $ sudo yum install AUTHCONFIG-GTK
Step three: Integrating the CentOS 7 desktop system into the SAMBA4 AD DC domain environment
8, the process of joining CentOS to the domain is very simple. Use a root account to open the AUTHCONFIG-GTK program at the command line, and then modify the configuration as shown:
- $ sudo authconfig-gtk
To open the identity or Authentication Configuration page:
- User account Database: Select Winbind
- Winbind domain: Your domain name
- Safe Mode: ADS
- Winbind ADS domain: your domain name. Tld
- Domain controller: domain-controlled server's full domain name
- Default Shell:/bin/bash
- Tick Allow offline login
Domain Authentication Configuration
To open the Advanced Options Configuration page:
- Local authentication option: Support fingerprint identification
- Other authentication options: User first login to create home directory
Advanced Authentication Configuration
9, after modifying the above configuration, return to the identity or Authentication Configuration page, click the Join the Domain button, in the pop-up box point to save.
Identities and Certifications
Save the authentication configuration
10. After saving the configuration, you will be prompted to provide domain administrator information to join the CentOS system to the domain. Enter the domain Administrator account number and password, click the OK button, join the domain to complete.
Join Winbind domain environment
11. After joining the domain, click the Apply button to have the configuration take effect, select all windows and restart the machine.
Application Authentication Configuration
12. To verify that CentOS has successfully joined the SAMBA4 ad DC, you can open the AD Users and Computers tool on the Windows machine where the RSAT tool is installed and click on the computer in the domain.
You will see the CentOS host information on the right.
Active Directory Users and Computers
Fourth step: Log in to the CentOS desktop system using the SAMBA4 AD DC account
13, choose to use another account, and then enter a domain account and password to log in, as shown:
- DOMAIN\domain_account
- Or
- [Email protected]
Use other accounts
Enter the domain user name
14, in the CentOS system command line, you can also use any of the following ways to switch to the domain account to log in:
- $ su-domain\domain_user
- $ SU-[email protected]
Sign in with a domain account
Log in using a domain account mailbox
15. To add root permissions for a domain user or group, open the Sudoers configuration file under the command line using the root account, and add the following line:
- Your_domain\\domain_username all= (all:all) all #For DOMAIN users
- %your_domain\\your_domain\ Group All= (all:all) all #For DOMAIN groups
Specify user and user group permissions
16. Use the following command to view the domain controller information:
- $ sudo net ads info
viewing domain controller information
17. You can use the following command on the machine where the Winbind client is installed to verify that the trust relationship after CentOS joins the SAMBA4 AD DC is normal:
- $ sudo yum install samba-winbind-clients
Then, perform some of the following commands to view information about the SAMBA4 AD DC:
- $ wbinfo-p # # # Ping Domain name
- $ wbinfo-t # # # Check Trust relationship
- $ wbinfo-u # # # list domain user accounts
- $ wbinfo-g # # # list Domain Users group
- $ wbinfo-n Domain_account # # # View SID information for a domain account
View SAMBA4 AD DC Information
18. If you want to get the CentOS system out of the domain, use an account with administrator privileges to execute the following command, followed by the domain name and domain administrator account, as shown in:
- $ sudo net ads leave Your_domain-u domain_admin_username
Exit SAMBA4 AD Domain
This article is written here! Although the above steps are to join the CentOS 7 system to the SAMBA4 AD DC domain, these steps also apply to adding a CentOS 7 desktop system to Microsoft Windows Server 2008 or 201 2 in the domain.
Linux OPS series one CentOS 7 desktop system added to SAMBA4 AD domain environment