Myvideo

Guest

Login

Add Debian/Ubuntu Linux Device to Windows Active Directory

Uploaded By: Myvideo
6 views
0
0 votes
0

#Linux #ActiveDirectory #Enterprise Full steps can be found at -------------------------------------------------------------------- Installing Pre-Requesites and Configuration --------------------------------------------------------------------    01. Log into the Debian device and run the following commands in terminal:          sudo apt update          # set the fully qualified host name          sudo hostnamectl set-hostname          # confirm or add domain controller to DNS entries          sudo nano /etc/          sudo systemctl disable systemd-resolved          sudo systemctl stop systemd-resolved          sudo apt-get upgrade          # install required packages          sudo apt -y install realmd libnss-sss libpam-sss sssd sssd-tools adcli samba-common-bin oddjob oddjob-mkhomedir packagekit          sudo realm discover    02. Paste the following text into /etc/          [libdefaults]          dns_lookup_realm = false          ticket_lifetime = 24h          renew_lifetime = 7d          forwardable = true          rdns = false          default_realm =          default_ccache_name = KEYRING:persistent:%{uid}    03. Press CTRL O, Enter, CTRL X to write the changes to /etc/    04. Continue with the following commands in terminal:          sudo realm join -U i12bretro          # check the configured value of the domain          sudo realm list    05. Paste the following lines into terminal together to enable automatically creating user home directories:          sudo bash -c “cat ≫ /usr/share/pam-configs/mkhomedir“ ≪≪EOF Name: activate mkhomedir          Default: yes          Priority: 900          Session-Type: Additional          Session:          required umask=0022 skel=/etc/skel          EOF    06. Continue with the following commands in terminal:          sudo pam-auth-update    07. Arrow down to activate mkhomedir ≫ Press spacebar to select ≫ Press Enter to confirm    08. Run one or more of the following commands in terminal to grant active directory users or groups access to log into the linux machine:          # add specific user(s )          realm permit user1@ user2@          # add specific group(s)          sudo realm permit -g 'LinuxUsers' 'Linux Admins'          # add everyone          sudo realm permit --all          # deny everyone          sudo realm deny --all    09. Similarly, run the following command to edit /etc/sudoers.d/domain_admins to add specific users or groups to the sudoers file:          sudo nano /etc/sudoers.d/domain_admins          # add specific user(s )          user1@ ALL=(ALL) ALL          user2@ ALL=(ALL) ALL          # add specific group(s)          %LinuxUsers@ ALL=(ALL) ALL          %Linux\ Admins@ ALL=(ALL) ALL    10. Press CTRL O, Enter, CTRL X to write the changes to /etc/sudoers.d/domain_admins   -------------------------------------------------------------------- Testing Active Directory Authentication --------------------------------------------------------------------    01. Attempt to login to the Debian device either into a desktop environment or via SSH. The user name must be formatted like user1@ and the password will be the active directory password   Additonal reading:     ### Connect with me and others ### ★ Discord: ★ Reddit: ★ Twitter:

Share with your friends

Link:

Embed:

Video Size:

Custom size:

x

Add to Playlist:

Favorites
My Playlist
Watch Later