How can I integrate Windows AD on RHEL 8 using SSSD?
Ensure that the following ports on the RHEL host are open and accessible to the AD domain controllers.
DNS =53, LDAP =389, Kerberos 88 & 464, LDAP Global Catalog 3268,LDAPS 636 and NTP 123 (UDP)
1 . Login to Ezeelogin Web-GUI > open settings > Ldap
Add the details of LDAP configurations.
2. Go to Settings > General > Authentication > change Web panel Authentication to LDAP
3. Select the LDAP users and click on the button to import users into Ezeelogin
You can confirm the imported LDAP users were listed in the Users tab in Ezeelogin GUI. You will be able to log in to Ezeelogin GUI with windows user credentials.
4. Enable Security code LDAP option from Settings > General > Authentication, if the user does not want to login to Ezeelogin GUI to set up a security code.
Backend configuration to integrate Windows with RHEL 8
1. Install the following packages:
yum install samba-common-tools realmd oddjob oddjob-mkhomedir sssd adcli krb5-workstation nscd
Ensure that you are using the AD domain controller server for DNS.
2. Add the following to /etc/hosts file
3. Add in windows server IP /etc/resolv.conf to resolve and disc over AD do main.
4. To display information for a specific domain, run realm discover and add the name of the domain you want to discover.
root@gateway ~]# realm discover ezad.com
5. Configure RHEL with the Active Directory domain by the following command. Replace Administrator with Windows admin account.
6. You can verify by displaying AD user details, such as the administrator user:
7. After successful join, edit /etc/sssd/sssd.conf and change use_fully_qualified_names to False and append the following override_shell = /usr/local/bin/ezsh
8 . Restart sssd and nscd using the below commands.
9. Run id username /getent passwd username and s ee AD user de tails.
Now you will be able to log in with Windows AD credentials