Linux CenstOS 7 and Windows 2012 R2 Authentication integration

Posted On July 22, 2018

This article will show how to integrate Windows 2012 R2 Domain with CentOS 7 or RedHat 7. After completing this steps user will be able to login to Linux system with windows AS credentials.

Installing Identity Management for UNIX on Windows 2012 R2 DC by using a command line

Run powershell as administrator and execute the following commands

Dism.exe /online /enable-feature /featurename:adminui /all
Dism.exe /online /enable-feature /featurename:nis /all
Dism.exe /online /enable-feature /featurename:psync /all

After installation, Server for NIS creates a Network Information Service (NIS) domain with the same name as the AD DS domain. Administrators can add users, groups, or computers to this domain. Administrators can also migrate UNIX NIS domain data to Server for NIS and designate the Server for NIS computer as the master NIS server for the migrated domain.

Prepare CentsOS7 system

Install necessary packages with yum

yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python -y

Now you can join your domain

realm join --user=administrator lab.com

Run realm list to view domain information

[root@client1 ~]# realm list
lab.com
  type: kerberos
  realm-name: LAB.COM
  domain-name: lab.com
  configured: kerberos-member
  server-software: active-directory
  client-software: sssd
  required-package: oddjob
  required-package: oddjob-mkhomedir
  required-package: sssd
  required-package: adcli
  required-package: samba-common-tools
  login-formats: %U@lab.com
  login-policy: allow-realm-logins
[root@client1 ~]#