Differences

This shows you the differences between two versions of the page.

--- redhat:other-redhat:join-domain-redhat [2017/09/05 15:59] – michael
+++ redhat:other-redhat:join-domain-redhat [2019/03/07 14:49] (current) – [How to join RHEL system to Active Directory] michael
@@ Line 2: / Line 2: @@
-===== Voraussetzungen: =====
+{{ :redhat:other-redhat:join-computer-domain-redhat.png?nolink&300 |}}
-  * ''Red Hat Enterprise Linux 7'' oder 6
+<WRAP center round important 100%>
-  * Vorhandenes und funktionierendes - ''Active Directory''
+**Voraussetzungen:**
+  * ''**Red Hat Enterprise Linux 7** / **6**''
+  * ''**Vorhandenes und funktionierendes - Active Directory**''
+</WRAP>
+----
 ===== Konfigurationsablauf =====
-  - Make Sure RHEL machine is able to resolve Active Directory servers.
+<wrap em>Before you start: Make Sure RHEL machine is able to resolve Active Directory servers!</wrap>
-  - Install adcli package along with sssd: <code># yum install adcli sssd authconfig</code>
+  - **Install adcli package** along with **sssd**: <code># yum install adcli sssd authconfig</code>
-  - Then discover the AD domain: <code>adcli info ad.example.com</code>
+  - Then **discover** the **AD domain**: <code>adcli info ad.example.com</code>
-  - adcli will show few details about the AD domain. now, **join RHEL system to AD domain using adcli**<WRAP center box 100%>
+  - **adcli** will show few details about the AD domain. now, **join RHEL system to AD domain using adcli**<WRAP center box 100%>
 <code># adcli join ad.example.com</code> <sxh plain; gutter: false;>Password for Administrator@AD.EXAMPLE.COM:  <---- Enter Admin password</sxh>
 </WRAP>
   - The join operation creates a keytab the machine will authenticate with. When inspect the with klist -kt, should show several entries that contain client hostname in some form: <code># klist -kte</code>
-  - Configure /etc/krb5.conf to use AD domain: <WRAP center box 100%> <code># vim /etc/krb5.conf</code> <sxh bash;>[libdefaults]
+  - **Configure /etc/krb5.conf** to use AD domain: <WRAP center box 100%> <code># vim /etc/krb5.conf</code> <sxh bash;>[libdefaults]
 default_realm = AD.EXAMPLE.COM
 dns_lookup_realm = true
@@ Line 34: / Line 42: @@
 </sxh>
 </WRAP>
-  - Use authconfig to set up the Name Service Switch(/etc/nsswitch.conf) and PAM stacks(password-authand system-auth):<code># authconfig --enablesssd --enablesssdauth --update</code> //Above command will modify and add necessary entries in /etc/nsswitch.conf, /etc/pam.d/password-auth and /etc/pam.d/system-auth files.//
+  - Use authconfig to **set up** the **Name Service Switch**(/etc/nsswitch.conf) and **PAM stacks**(password-authand system-auth):<code># authconfig --enablesssd --enablesssdauth --update</code> //Above command will modify and add necessary entries in /etc/nsswitch.conf, /etc/pam.d/password-auth and /etc/pam.d/system-auth files.//
-  - The final step is to configure the SSSD itself. Open /etc/sssd/sssd.conf and define a single domain: <WRAP center box 100%>
+  - **The final step** is to __configure__ the **SSSD** itself. Open /etc/sssd/sssd.conf and define a single domain: <WRAP center box 100%>
 <code># vim /etc/sssd/sssd.conf</code> <sxh bash;>[sssd]
 services = nss, pam, ssh, autofs
@@ Line 49: / Line 57: @@
 # systemctl enable sssd</code>
-Finally, fetch user information for AD user and then try to login as AD user:
+**After you are done, fetch user information for AD user and try to login:**
 <code># id Administrator
 # ssh Administrator@localhost</code>