HowTo join Debian 9 Desktop to NethServer-7 Active Directory
Please feel free to give me a feedback, I mean technically and formally.
Warning:
This is based upon limited testing, and a small number of users. Both, Client and Server, were installed as VPS under Proxmox PVE.
Server prerequisites:
Installed NethServer 7.4 Server and updated from command line. Active Directory has been configured and the domain-name example.org was given.
Client prerequisites:
Installed Debian 9 (debian-9.2.1-amd64-DVD-1.iso), with standard gnome desktop and one local user who has local admin rights. DHCP-Client was activ to get an IP from the NethServer who is acting as DHCP-and AD-Server. It is important that the Debian Client can resolv DNS correctly.
Now we can join the Domain example.org with:
±+ Open a Terminal on Debian 9
±+ Get root:
su
±+ install some packages:
apt-get install sudo realmd ntp adcli sssd
±+
sudo mkdir -p /var/lib/samba/private
±+ Enable sssd:
sudo systemctl enable sssd
±+ Join Domain:
sudo realm join --user=administrator example.org
±+ Start sssd:
sudo systemctl start sssd
±+ (all in one line)
echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0022" | sudo tee -a /etc/pam.d/common-session
±+ Install libsss-sudo
sudo apt-get install libsss-sudo
±+ Set sudoers permission:
echo "administrator@example.org ALL=(ALL) ALL" | sudo tee -a /etc/sudoers.d/DomainAdmins
echo "admin@example.org ALL=(ALL) ALL" | sudo tee -a /etc/sudoers.d/DomainAdmins
±+ Reboot Debian Desktop:
reboot
±+ After the reboot, logon with:
user: administrator@example.org
pass: your-administrator-password
