Joining CentOS to Active Directory and authenticating using winbind
- Make sure that you have a working DNS that can resolve the domain that the CentOS server is going to join and authenticate against. Check /etc/resolv.conf
Install the following:
yum install authconfig krb5-workstation pam_krb5 samba-common
Execute the command below, assuming the domain is MYCOMPANY.COM:
authconfig --disablecache --enablewinbind --enablewinbindauth --smbsecurity=ads --smbworkgroup=MYCOMPANY --smbrealm=MYCOMPANY.COM --enablewinbindusedefaultdomain --enablekrb5 --krb5realm=MYCOMPANY.COM --enablekrb5kdcdns --enablekrb5realmdns --enablelocauthorize --enablepamaccess --smbidmapuid=16777216-16777300 --krb5kdc=srv001.mycompany.com --krb5adminserver=srv001.mycompany.com --winbindtemplateshell=/bin/bash --updateall
The command above will change /etc/samba/smb.conf and /etc/krb5.conf.
Once the authconfig command is done, issue the command below:
kinit admin.user@MYCOMPANY.COM # This will ask for the password that you use to log in to your AD domain, and will report an error if the credentials are not accepted.
Once accepted, you may join the domain.
net join -w MYCOMPANY.COM -U admin.user # This will again ask for a password.
/etc/init.d/winbind restart
chkconfig winbind on
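An added example, not part of the original page: a shell check to run after authconfig and before kinit / net join, confirming that the [global] section of /etc/samba/smb.conf holds the values passed on the command line. The function names are assumptions, as are the smb.conf key names these authconfig options are taken to set.

```shell
#!/bin/sh
# Added example (not from the original page): check the [global] settings
# that authconfig should have written, before running kinit / net join.
# Function names and smb.conf key names are assumptions.

lower() { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }

# smb_global_value FILE KEY: print the value of KEY in [global] ("" if unset)
smb_global_value() {
    awk -v want="$2" '
        /^[ \t]*[#;]/ { next }                  # comment lines
        /^[ \t]*\[/ {                           # section header
            sec = tolower($0); gsub(/[ \t]/, "", sec)
            in_global = (sec == "[global]"); next
        }
        in_global && index($0, "=") {
            eq  = index($0, "=")
            key = tolower(substr($0, 1, eq - 1)); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == want) found = val        # keep the last occurrence
        }
        END { print found }
    ' "$1"
}

# check_smb_conf FILE WORKGROUP REALM: return 0 only if every setting matches
check_smb_conf() {
    conf=$1 rc=0
    while IFS='|' read -r key expected; do
        actual=$(smb_global_value "$conf" "$key")
        case $key in
            "template shell") ;;                # paths are case-sensitive
            *) actual=$(lower "$actual"); expected=$(lower "$expected") ;;
        esac
        case $actual in yes|1) actual=true ;; esac   # Samba boolean spellings
        if [ "$actual" != "$expected" ]; then
            echo "MISMATCH: $key = '$actual', expected '$expected'" >&2
            rc=1
        fi
    done <<EOF
security|ads
workgroup|$2
realm|$3
winbind use default domain|true
template shell|/bin/bash
EOF
    return $rc
}

# idmap_range_size LOW-HIGH: number of UIDs in a --smbidmapuid range
idmap_range_size() { echo $(( ${1#*-} - ${1%-*} + 1 )); }
```

Call it as check_smb_conf /etc/samba/smb.conf MYCOMPANY MYCOMPANY.COM. idmap_range_size 16777216-16777300 gives the number of UIDs in the range used above, which is worth comparing with the number of domain users expected to log in.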