How to Integrate RHEL 7 or CentOS 7 with Windows Active Directory

Pradeep Kumar

I am a huge fan of open source and love to share How To's tutorials on Linux, Cloud and DevOps. I have been working as Linux Consultant, Cloud & DevOps Engineer since 2010

You may also like...

4 Responses

  1. mossholderm says:

    One pedantic complaint… in your last screenshot, you execute “sudo su -” … you should really just be using “sudo -i”.

  2. Tyler says:

    Do you know how to make JUST authentication work with CentOS 7? I’m trying to get some linux servers from one domain, to be able to authenticate to another, so I don’t want to join the domain. I was able to do this with CentOS 5 and 6, but I haven’t been able to get it to work with 7. Any thoughts?

  3. Bob says:

    Great info, thanks for posting. One thing I’m trying to figure out is how to restrict user logins based on AD group membership. Any ideas here? I saw one article referring to pam_access and nologin and editing the access.conf file but so far no luck. All domain members can still SSH to the host.

    Thanks again,

    Bob

    • Hi Bob,

      To restrict user login to CentOS 7 / RHEL 7 Server that are on window domain, use the following steps:

      1) Create the Security Groups on AD ( like linuxadmins”)
      2) Add the domain users (which to want to allow login) to this security group.
      3) MAP the security group to CentOS / RHEL 7 Server by adding the following line in the file (/etc/sssd/sssd.conf)

      [sssd]
      ……..

      realm permit -g AD-Domain-Group@domain

      example

      realm permit -g linuxadmins@example.com

      4) Restart the sssd service

      5) If you want to control rights as well , then you can place the ad security group in sudoers file, example is shown below

      %linuxadmins@example.com ALL=(ALL) ALL

Leave a Reply

Your email address will not be published. Required fields are marked *