How to join a Windows AD Domain as a Domain Controller on Linux (CentOS)

Need to configure:

1. User Information
– Use Winbind

2. Authentication
– Use PAM
– Use Krb5
– Local authorization is enough

1– set up the OS:
yum update -y

2– disable SELinux:

3– set hostname:

4– install prerequisites:

5– Install the following packages, if they aren’t already installed.

6– set up authconfig:
This will set up the necessary config files for both Kerberos and Samba. There are more config files to update from here.


8– configure:

9– Check the kinit users:

10– Join the domain:
You’re now ready to join the machine to the domain, which you can do with the trusty net command.

10.1. net ads join -U kur

10.2. net ads testjoin
Join is OK

11– create home directories:

You don’t really need to do this step but I find it’s a nice clean way to make sure you separate
domain users from your local users. Back in the authconfig step for the console configuration
you used the following switch.

These switches enabled automatic creation of home directories. For this to work with the GUI
version you will need to run authconfig with those 2 switches.

12– This is telling oddjobd to put any new home directories at the path /home/yourdomain/username.
You will need to create the /home/yourdomain path and make sure you’ve got your permissions correct.
I’ll be using ACLs as you’re able to configure much finer-grained permissions. ACLs ship with pretty much
all modern Linux distributions these days.
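
One way to create and check the /home/yourdomain path described above, as an added example that is not from the original page. The function names, the group name passed to setup_home_base, and the root-owned 0750-plus-ACL layout are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Function names, the group argument and the 0750 layout
# are assumptions, not taken from the original page.

# setup_home_base DIR GROUP
# Create DIR so that only root can write to it (oddjobd runs as root when it
# creates the per-user directories) and grant GROUP list/traverse access
# through an ACL entry instead of opening the directory to everyone.
setup_home_base() {
    shb_dir=$1
    shb_group=$2
    mkdir -p "$shb_dir" || return 1
    chown root:root "$shb_dir" || return 1
    chmod 0750 "$shb_dir" || return 1
    setfacl -m "g:${shb_group}:r-x" "$shb_dir"
}

# audit_home_base DIR
# Return 0 if DIR is a real directory (not a symlink) whose mode has no
# group or other write bit. On a directory with an ACL the group bits show
# the ACL mask, which caps every named user/group entry, so this check also
# covers write access granted through named ACL entries.
audit_home_base() {
    ahb_dir=$1
    if [ -L "$ahb_dir" ] || [ ! -d "$ahb_dir" ]; then
        echo "FAIL: $ahb_dir is missing, not a directory, or a symlink"
        return 1
    fi
    ahb_mode=$(stat -c '%a' "$ahb_dir") || return 1
    # Prefix 0 so the shell reads the mode as octal; 022 = group|other write.
    if [ $(( 0$ahb_mode & 022 )) -ne 0 ]; then
        echo "FAIL: $ahb_dir has mode $ahb_mode (group- or world-writable)"
        return 1
    fi
    echo "OK: $ahb_dir mode $ahb_mode"
}

# Usage (as root; the group name is a placeholder for the winbind group
# that holds your domain users):
#   setup_home_base /home/yourdomain 'YOURDOMAIN\domain users'
#   audit_home_base /home/yourdomain
```

setup_home_base needs root and the setfacl tool; audit_home_base can be run by any user who can stat the directory.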

