CentOS 7 – AD Authentication
Hello everyone.
I have a fresh install of CentOS 7 server. I would like to use my AD users to login via SSH into this CentOS server. In version 6 I had to configure
/etc/nslcd.conf and pam.
Do you know any good tutorials or do yo have any advise how to start and which packets I need.
Thanks for answers.
Best regards. Luka
3 thoughts on - CentOS 7 – AD Authentication
This is very simple in the new CentOS 7:
realm join –client-software=sssd example.com -U mydomainadmin reboot enjoy
—
Sent from the Delta quadrant using Borg technology!
Nux!
http://www.nux.ro
—– Original Message —–
Luka Filipic wrote:
users to login via SSH into this CentOS server. In version 6 I had to configure /etc/nslcd.conf and pam. which packets I need.
I’m not fully up to speed yet – we’ve *just* set up a workstation to play with with a fresh upstream release – but in nssswitch we’re telling it to use files sss, and in sssd.d/sssd.conf, our domain, that our auth_provider is krb5 (we are using kerberos), id_provider is ldap, and a few other lines. We also have krb5 configured to use the AD.
Hope this is a start.
mark
I just tried it, and it really is MUCH simpler than it used to be.
I had to install realmd first, which actually told me what other packages I’d need that weren’t actual dependencies (samba-common, oddjob, sssd, and a couple others). Then I ran Nux!’s command.
I also needed to permit a user to log in (maybe because I didn’t reboot), but the example in RH’s integration guide (section 3.4) didn’t work for me. I figured out that “realm permit user@domain.com” did the trick, and I could log in to the console as user@domain.com or via SSH as user@domain.com@hostname.
Two lines (not counting installing the packages) was all it took.