sudo apt install realmd sssd adcli oddjob oddjob-mkhomedir packagekit
sudo apt install sssd sssd-tools sssd-dbus realmd adcli samba-common samba-common-bin oddjob oddjob-mkhomedir packagekit
realm discover rnd.abc
sudo realm join rnd.abc -U gvp
nano /etc/sssd/sssd.conf
[sssd]
services = nss, pam, ssh
config_file_version = 2
domains = rnd.abc
[domain/rnd.abc]
default_shell = /bin/bash
krb5_store_password_if_offline = True
cache_credentials = True
krb5_realm = RND.ABC
realmd_tags = manages-system joined-with-adcli
id_provider = ad
fallback_homedir = /home/%u@%d
ad_domain = rnd.abc
use_fully_qualified_names = True
ldap_id_mapping = True
access_provider = ad
systemctl restart sssd
sudo sss_cache -E
UsePAM yes
systemctl restart ssh
sudo usermod -aG sudo '[email protected]'
sudo apt install oddjob oddjob-mkhomedir
sudo systemctl enable oddjobd
sudo systemctl start oddjobd
sudo pam-auth-update --enable mkhomedir
ldapsearch -x -H ldap://172.31.5.20\
-D "[email protected]" -W \
-b "dc=rnd,dc=abc" "(sAMAccountName=gvp)"
nano /etc/sssd/sssd.conf
use_fully_qualified_names = False
fallback_homedir = /home/%u
sudo systemctl edit realmd.service
[Service]
TimeoutStartSec=300
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
sudo systemctl daemon-reexec
sudo systemctl daemon-reload
sudo systemctl enable realmd
sudo systemctl start realmd
Try to gvp@rnd.abc@localhost to verify login