Linux integration Active Directory: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
Theoretically | Theoretically | ||
* For authentication: plugin Kerberos and configure it with AD domain. | * For authentication: plugin Kerberos and configure it with AD domain (PAM). | ||
* Configure LDAP for NSS and point it to AD domain. | * Configure LDAP for NSS and point it to AD domain (NSS). | ||
System Security Services Daemon (SSSD) is a set of daemons to manage access to remote directories and authentication mechanisms. | System Security Services Daemon (SSSD) is a set of daemons to manage access to remote directories and authentication mechanisms. | ||
SSSD has a AD module | |||
The hostname determines the computername with which AD is joined. | The hostname determines the computername with which AD is joined. | ||
Mapping SID to UID/GID. | |||
- Iedere AD user kan inloggen. | |||
- sshd_config AllowGroups | |||
- sudo %domain-ssh-users@lab.local ALL=(ALL:ALL) ALL | |||
=== Commands === | |||
realm join -vU ''user'' ''realm'' Join the domain | |||
id Check join | |||
Revision as of 08:49, 1 November 2018
Theoretically
- For authentication: plugin Kerberos and configure it with AD domain (PAM).
- Configure LDAP for NSS and point it to AD domain (NSS).
System Security Services Daemon (SSSD) is a set of daemons to manage access to remote directories and authentication mechanisms. SSSD has a AD module
The hostname determines the computername with which AD is joined.
Mapping SID to UID/GID.
- Iedere AD user kan inloggen. - sshd_config AllowGroups - sudo %domain-ssh-users@lab.local ALL=(ALL:ALL) ALL
Commands
realm join -vU user realm Join the domain id Check join