Adding Debian Linux Client to AD

Hi All!
I have dozens of Debian Linux converted Chromebooks. I’d like to add them to my Nethserver AD, so users can log in with their AD credentials.
I’ve followed available guides and successfully joined one of the clients… but after typing user name and password it cycles back to login (without a message about an error). I realized this could be happening because the user doesn’t have a default shell set up (like SHELL=/bin/bash).
Is there a way I could set up this environment variable for my AD users, so that they could log in using AD user credentials?

Sincerely,
Sasha

Hi @sashaluda

This is actually possible, but to set it correctly, you’d probably need to use the Microsoft RSAT AD Tools, including the one with UNIX subsystem settings.

I haven’t quite got down to getting my Debian workstation yet using AD, but I use OpenMediaVault (OMV) for a lot of my clients and at home.
OMV is basically - like Proxmox - set up on basic Debian. No matter if using the ISO or on top of Debian, I was able to integrate OMV correctly in AD.

What worked for me was this instruction by user Chris.T:

The steps needed should be easily doable on any Debian using cli - don’t forget the reboot!
A good idea is also to verify the join, using AD tools on a suitable workstation or VM, logged in as AD admin! (Member Computers)…
Correct DNS for all is of utmost importance!

Two basic caveats remain, the RSAT settings mentioned above (possible solution shown above), and the AD SSL certificate.
On NS7 it was fairly easy to use an LE SSL certificate for the AD, but this procedure needs to be adapted & documented for NS8…

Note:
I have this working on several setups, some of them quite large!
OMV are either VMs, or native installs on appropriate hardware.
→ This works - so far - rock solid on all sites, no issues with any updates or such.

If possible, document your steps and make a HowTo here.
As in Open Source, others can benefit!

As always: Make backups for every step!
And Good Luck!

My 2 cents
Andy

My home OMV, showing AD groups:

🙂

PS:
In OMV I only need to be able to use AD users and groups for share authentication.
A Linux workstation is a different animal, yes.
But PAM and Samba have been around a long time, it should work for most Debian-based systems. (Maybe not Ubuntu…) 🙂
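
A client-side check for the symptom described in the question, as an added example that is not part of either post: it classifies the login-shell field of a `getent passwd` line for an AD user on the joined client. The function name `check_shell` and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# check_shell PASSWD_LINE [SHELLS_FILE]
# Classifies the login shell (7th field) of one passwd(5)-format line, e.g. the
# output of `getent passwd <aduser>`. Prints one of:
#   ok       - shell is listed in SHELLS_FILE (default /etc/shells)
#   empty    - no shell field was returned for the user
#   nologin  - non-interactive shell (/bin/false is Samba's default "template shell")
#   unlisted - shell is set but not listed in SHELLS_FILE
# Returns 0 only for "ok".
check_shell() {
    cs_shells=${2:-/etc/shells}
    # passwd(5) fields: name:password:uid:gid:gecos:home:shell
    IFS=: read -r cs_user cs_pw cs_uid cs_gid cs_gecos cs_home cs_shell <<EOF
$1
EOF
    if [ -z "$cs_shell" ]; then
        echo empty; return 1
    fi
    case ${cs_shell##*/} in
        false|nologin) echo nologin; return 1 ;;
    esac
    # -x: whole-line match, so comment lines in the shells file never match.
    if ! grep -qxF -- "$cs_shell" "$cs_shells" 2>/dev/null; then
        echo unlisted; return 1
    fi
    echo ok
}

# Constructed sample data (not from the thread): an allowed-shells list and
# getent-style entries for three hypothetical AD users.
demo_shells=$(mktemp)
printf '%s\n' /bin/sh /bin/bash > "$demo_shells"
for demo_line in \
    'alice:*:10001:10000:Alice:/home/alice:/bin/bash' \
    'bob:*:10002:10000:Bob:/home/bob:/bin/false' \
    'carol:*:10003:10000:Carol:/home/carol:'
do
    printf '%s -> %s\n' "${demo_line%%:*}" "$(check_shell "$demo_line" "$demo_shells")"
done
rm -f "$demo_shells"
```

On a real client, pass the output of `getent passwd` for the AD account as the first argument and omit the second so the system's `/etc/shells` is used.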