In my office, we use a Samba domain + LDAP. I have already joined some Windows 7 machines, but now I need to join CentOS 7 to that domain. How can I do that?
Below are steps that I already did:
- install nss-pam-ldap.x86_64
- configure smb.conf in /etc/samba/
- configure all files in /etc/pam.d/ that call pam_unix.so to also call pam_ldap.so
- add ldap to passwd, shadow and group lines in nsswitch.conf
- configure nslcd.conf
When I try to join with:
net join -U administrator
I get this:
cannot join standalone machine
When I run
journalctl -r
I get some pam_ldap error:
pam_ldap: error opening connection to nslcd: No such file or directory.
Best Answer
Krisko. First you have to install the packages for an sssd integration:
Then create the machine account in an AD container your user ([Domain UID]) has full access to.
Add the machine to the domain: realm --verbose join [FQ Domain name] -U [Domain UID]
Adjust /etc/sssd/sssd.conf
You may have to adjust these 2 sections of /etc/krb5.conf
Then this will no longer be a standalone machine, and you may authenticate domain users. Hope it helps.
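A check to run after the join and the sssd.conf adjustment described in the answer above; this is an added example, not part of the original answer. It assumes the standard sssd.conf keys `domains`, `id_provider` and `access_provider`, and uses the placeholder domain example.com in a constructed sample file.

```shell
#!/bin/sh
# Added example (not from the original answer): post-join check of sssd.conf.

# Print the value of KEY in [SECTION] of an ini-style FILE (nothing if absent).
ini_get() {  # usage: ini_get FILE SECTION KEY
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*\[/ { gsub(/[ \t]/, ""); insec = ($0 == sec); next }
        insec {
            k = $0; sub(/=.*/, "", k); gsub(/[ \t]/, "", k)
            if (k == key && index($0, "=")) {
                v = substr($0, index($0, "=") + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", v); print v; exit
            }
        }' "$1"
}

# Sets the global $findings to the number of problems found in FILE.
check_sssd_conf() {  # usage: check_sssd_conf FILE
    f=$1; findings=0
    mode=$(stat -c %a "$f")          # GNU stat, as on CentOS
    if [ "$mode" != "600" ]; then    # sssd refuses to start otherwise
        echo "FAIL: $f is mode $mode, expected 600"; findings=$((findings + 1))
    fi
    domains=$(ini_get "$f" sssd domains)
    if [ -z "$domains" ]; then
        echo "FAIL: [sssd] lists no domains"; findings=$((findings + 1))
    fi
    for d in $(echo "$domains" | tr ',' ' '); do
        if [ -z "$(ini_get "$f" "domain/$d" id_provider)" ]; then
            echo "FAIL: [domain/$d] has no id_provider"; findings=$((findings + 1))
        fi
        case "$(ini_get "$f" "domain/$d" access_provider)" in
            ""|permit)  # unset defaults to permit: any domain user may log in
                echo "WARN: [domain/$d] does not restrict logins"
                findings=$((findings + 1)) ;;
        esac
    done
    return 0
}

# Constructed sample; example.com is a placeholder domain.
demo=$(mktemp -d)
printf '%s\n' '[sssd]' 'domains = example.com' 'services = nss, pam' '' \
    '[domain/example.com]' 'id_provider = ad' > "$demo/sssd.conf"
chmod 644 "$demo/sssd.conf"
check_sssd_conf "$demo/sssd.conf"    # flags the mode and the open access policy
```

The file ownership check (root) is left out so the sample runs unprivileged; on a real host, point `check_sssd_conf` at /etc/sssd/sssd.conf as root.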