HowTo join Debian 9 Desktop to NethServer-7 Active Directory
Please feel free to give me a feedback to be able to correct my howto. I mean technical and formulation (I am not a nativ speaker).
This is based upon limited testing, and a small number of users. Both, Client and Server, were installed as VPS under Proxmox PVE.
Installed NethServer 7.4 Server and updated from command line. Active Directory has been configured and the domain-name example.org was given.
Installed Debian 9 (debian-9.2.1-amd64-DVD-1.iso), with standard gnome desktop and one local user who has local admin rights. DHCP-Client was activ to get an IP from the NethServer who is acting as DHCP-and AD-Server. It is important that the Debian Client can resolv DNS correctly.
Now we can join the Domain example.org with:
±+ Open a Terminal on Debian 9
±+ Get root:
±+ install some packages:
apt-get install sudo realmd ntp adcli sssd
sudo mkdir -p /var/lib/samba/private
±+ Enable sssd:
sudo systemctl enable sssd
±+ Join Domain:
sudo realm join --user=administrator example.org
±+ Start sssd:
sudo systemctl start sssd
±+ (all in one line)
echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0022" | sudo tee -a /etc/pam.d/common-session
±+ Install libsss-sudo
sudo apt-get install libsss-sudo
±+ Set sudoers permission:
echo "email@example.com ALL=(ALL) ALL" | sudo tee -a /etc/sudoers.d/DomainAdmins
echo "firstname.lastname@example.org ALL=(ALL) ALL" | sudo tee -a /etc/sudoers.d/DomainAdmins
±+ Reboot Debian Desktop:
±+ After the reboot, logon with: