Manually join a Linux Machine to Active Directory using Winbind

These steps have been tested on the following platforms:
a) CentOS 8 / CentOS Stream 8
b) AlmaLinux 8
c) Rocky Linux 8
d) RHEL 8

STEPS

1. Log in to your Linux machine and update it.
# yum -y update

2. Install the required Samba and Winbind packages on your Linux machine.
# yum -y install authconfig samba samba-client samba-winbind samba-winbind-clients

3. Edit the smb.conf file and insert or replace the content shown below. First make a backup of the original file, then edit the file.
# cp /etc/samba/smb.conf /etc/samba/smb.ORIG
# vim /etc/samba/smb.conf

Replace your global section with the content below. Alternatively, you can comment out all lines in the default global section. Replace example with your actual domain name.

[global]
workgroup = example
security = ads
realm = example.com
idmap config * : rangesize = 1000000
idmap config * : range = 1000000-19999999
idmap config * : backend = autorid
winbind enum users = no
winbind enum groups = no
template homedir = /home/%U
template shell = /bin/bash
winbind use default domain = false

4. Make sure you have added your IP address and hostname to /etc/hosts. (NOTE: It's not mandatory, but you might get warning or error messages in the next step.)
# vim /etc/hosts

Add your Linux server IP address as follows:

192.XX.XX.XX yourhostname.example.com yourhostname

5. Ensure the winbind service is running.
# systemctl status winbind

6. Join your Linux machine to Active Directory using the net utility.
# net ads join -U join_account@example.com

7. Add the necessary entries for winbind authentication by running the command below.
# authconfig --enablewinbind --enablewinbindauth --enablemkhomedir --update

8. You can now connect to your server from another instance.
$ ssh example\\username@linux-IP
OR
$ ssh username@example.com@linux-IP
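
A pre-join check for the step 3 settings, added here as an example and not part of the original tutorial: it reads the [global] section, confirms security = ads, a realm and the autorid backend, and verifies that the idmap range holds at least one full rangesize block and starts above local account IDs. The function names and the 60000 ceiling (the stock UID_MAX in /etc/login.defs on RHEL 8-family systems) are assumptions; adjust the ceiling to your own login.defs.

```sh
# Added example, not from the original page: lint the [global] section from step 3.
# Print one [global] parameter; Samba ignores case and whitespace in parameter names.
smb_global() {  # usage: smb_global <file> <parameter>
  awk -v want="$2" '
    BEGIN { want = tolower(want); gsub(/[ \t]/, "", want) }
    /^[ \t]*[#;]/ { next }
    /^[ \t]*\[/   { sect = tolower($0); gsub(/[ \t]/, "", sect); next }
    sect == "[global]" && (eq = index($0, "=")) {
      key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
      val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
      if (key == want) found = val
    }
    END { print found }' "$1"
}

# Return 0 when the settings the join relies on are present and the autorid range is usable.
check_join_conf() {  # usage: check_join_conf <file>
  f=$1; rc=0
  sec=$(smb_global "$f" security | tr 'A-Z' 'a-z')
  realm=$(smb_global "$f" realm)
  backend=$(smb_global "$f" 'idmap config * : backend')
  size=$(smb_global "$f" 'idmap config * : rangesize')
  range=$(smb_global "$f" 'idmap config * : range' | tr -d ' \t')
  low=${range%%-*}; high=${range##*-}
  [ "$sec" = ads ] || { echo "FAIL security = '$sec', expected ads"; rc=1; }
  [ -n "$realm" ] || { echo "FAIL realm is not set"; rc=1; }
  [ "$backend" = autorid ] || { echo "FAIL idmap backend = '$backend', expected autorid"; rc=1; }
  case "$low:$high:$size" in *[!0-9:]*|:*|*::*|*:) echo "FAIL range or rangesize not numeric"; return 1 ;; esac
  [ "$size" -ge 2000 ] || { echo "FAIL rangesize $size is below 2000"; return 1; }  # minimum per idmap_autorid(8)
  slots=$(( (high - low + 1) / size ))   # whole ID blocks autorid can hand out to domains
  [ "$slots" -ge 1 ] || { echo "FAIL range $range holds no full block of $size IDs"; rc=1; }
  # Assumption: 60000 is the stock UID_MAX in /etc/login.defs; mapped IDs must start above it.
  [ "$low" -gt 60000 ] || { echo "FAIL range starts at $low, inside local account IDs"; rc=1; }
  [ "$rc" -ne 0 ] || echo "OK autorid: $slots blocks of $size IDs starting at $low"
  return "$rc"
}

# Constructed sample: the join-relevant lines of the [global] section from step 3.
sample_conf() {
  t=$(mktemp) && cat > "$t" <<'EOF' && echo "$t"
[global]
security = ads
realm = example.com
idmap config * : rangesize = 1000000
idmap config * : range = 1000000-19999999
idmap config * : backend = autorid
EOF
}
check_join_conf "${1:-$(sample_conf)}"
```

Save it under any name and pass the file to check as the first argument, for example /etc/samba/smb.conf; with no argument it checks the constructed sample.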

Kindly comment below if it works for you.

2 Comments
  1. Shan Mas 1 year ago

    Thank you so much again!
    This worked on CentOS 7!
    One thing I did differently is to run the

    sudo systemctl start winbind

    right after the installation of
    sudo yum -y install authconfig samba samba-client samba-winbind samba-winbind-clients

    The reason for that: for some reason, last time, after making the modifications, winbind kept returning an error and wasn’t starting up, so this time I did it before making any changes to the system, and it ran without any issues.

    So, after everything went smoothly, users will need to log in with their username@example.com to the machine. I managed to do this with Ubuntu following your Ubuntu tutorial and removed the necessary “@example.com”. I wonder if it’s possible with this tutorial as well?

    Thanks again!

    • Author
      Admin 1 year ago

      Thank you for sharing your experience with us! I’m thrilled to hear that the tutorial worked for you on CentOS 7. Your tip about starting winbind before making any modifications is really helpful, and I’ll be sure to update the tutorial to reflect that. As for logging in with the username@example.com format, it should be possible with this tutorial as well. I’ll make sure to include a step-by-step guide in the update. Thanks again for your feedback.


©2024 ZMATECH: Innovative solutions for your IT challenges.
