How to join a CentOS 6.7/6.8 box to an OpenLDAP pass-through Active Directory environment

This is the method I use to join my CentOS 6.7/6.8 VDI templates. Once this is done, you don't have to do anything to the provisioned VMs. With Horizon View 7 it is much easier to create Linux boxes and add them to a pool.


Install the following packages:

yum -y install openldap openldap-clients nss_ldap authconfig nss-pam-ldapd.x86_64 pam_krb5.x86_64

Run the following command as root (or with sudo):

authconfig-gtk

The Authentication Configuration window opens; fill in the highlighted fields.

**The OpenLDAP certificate: I export it from the OpenLDAP server and store it in a location on the local machine where I can easily reach it, so that it can be selected in this dialog.**

[Screenshot: auth]

Switch to Advanced Options, check "Create home directories on the first login" and click Apply.

[Screenshot: auth2]

Every time I join a CentOS box to the domain this way, lookups still fail until I add the line tls_reqcert allow to both /etc/openldap/ldap.conf and /etc/nslcd.conf; after that it works. Know what that line does before cloning it into a template: with tls_reqcert set to allow the client no longer requires a valid server certificate, so the TLS session proceeds even when the certificate is missing, expired or signed by a CA the client does not trust, and anyone who can answer for the LDAP server on the network can intercept the bind. The underlying failure is most often that the client cannot validate the server certificate (the certificate imported above is not where the client looks, or the host name in the LDAP URI does not match it). The safer fix is to point tls_cacertfile in /etc/nslcd.conf and TLS_CACERT in /etc/openldap/ldap.conf at the imported certificate file and leave tls_reqcert at demand (the default), so the connection is verified instead of trusted blindly.

Finally, the test.

Restart the nslcd service: # service nslcd restart

Resolve an AD account through NSS: # getent passwd domainuser (domainuser is an AD user; a single passwd line in the output means the pass-through lookup works)

[Screenshot: auth3]
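The tls_reqcert allow workaround trades away certificate verification. As an added example (not from the original post), the shell script below implements the safer alternative for a template: it detects the weak setting, then rewrites both client files so they trust exactly the imported CA certificate and demand a valid server certificate, and it is safe to run more than once. The CA path /etc/openldap/cacerts/openldap-ca.pem and the account name domainuser are assumptions; the file names /etc/nslcd.conf and /etc/openldap/ldap.conf and the option names tls_cacertfile, tls_reqcert, TLS_CACERT and TLS_REQCERT are the real nss-pam-ldapd and OpenLDAP keywords.

```shell
#!/bin/sh
# Added example (not from the original post): replace the blanket
# "tls_reqcert allow" workaround with a verified TLS configuration.
#
# Assumptions (adjust to your environment): the OpenLDAP CA certificate
# imported during authconfig has been copied to a fixed path such as
# /etc/openldap/cacerts/openldap-ca.pem (hypothetical path); nss-pam-ldapd
# reads /etc/nslcd.conf and the OpenLDAP client library reads
# /etc/openldap/ldap.conf, as on CentOS 6.
set -eu

# set_option FILE KEY VALUE
# Idempotently set "KEY VALUE" in a whitespace-separated config file:
# every active or commented-out line for KEY is dropped (case-insensitive),
# then exactly one active line is appended. The file's mode is preserved.
set_option() {
  local file="$1" key="$2" value="$3" tmp
  tmp="$(mktemp)"
  grep -Eiv "^[#[:space:]]*${key}([[:space:]]|\$)" "$file" > "$tmp" || true
  printf '%s %s\n' "$key" "$value" >> "$tmp"
  cat "$tmp" > "$file"
  rm -f "$tmp"
}

# tls_reqcert_of FILE
# Print the effective tls_reqcert value: the last active line wins, and
# the OpenLDAP library default (which nslcd inherits) is "demand" when the
# keyword is absent.
tls_reqcert_of() {
  local v
  v="$(grep -Ei '^[[:space:]]*tls_reqcert[[:space:]]+' "$1" | tail -n 1 | awk '{ print tolower($2) }')"
  printf '%s\n' "${v:-demand}"
}

# tls_is_weak FILE
# Succeed when FILE does not insist on a valid server certificate:
# never/allow skip validation entirely, try still accepts a server that
# presents no certificate at all.
tls_is_weak() {
  case "$(tls_reqcert_of "$1")" in
    never|allow|try) return 0 ;;
    *) return 1 ;;
  esac
}

# harden_ldap_tls NSLCD_CONF LDAP_CONF CA_FILE
# The corrected configuration: trust exactly the imported CA certificate
# and require a valid server certificate in both client files.
harden_ldap_tls() {
  local nslcd="$1" ldapconf="$2" ca="$3"
  set_option "$nslcd"    tls_cacertfile "$ca"
  set_option "$nslcd"    tls_reqcert    demand
  set_option "$ldapconf" TLS_CACERT     "$ca"
  set_option "$ldapconf" TLS_REQCERT    demand
}

# Run as root on the template, e.g.:
#   sh harden-ldap-tls.sh /etc/nslcd.conf /etc/openldap/ldap.conf /etc/openldap/cacerts/openldap-ca.pem
# Without arguments the script only defines the functions above.
if [ "$#" -eq 3 ]; then
  [ -r "$3" ] || { echo "CA file $3 is not readable; copy it from the OpenLDAP server first" >&2; exit 1; }
  harden_ldap_tls "$1" "$2" "$3"
  service nslcd restart
  # Same check as in the post: an AD user must resolve through nslcd,
  # now over a verified TLS session (replace domainuser with a real account).
  getent passwd domainuser
fi
```

If getent still fails after this change, the server certificate really does not validate (wrong CA file, or a URI host name that does not match the certificate's subject); fix that on the server or CA side rather than reaching for tls_reqcert allow again, because every VM cloned from the template inherits whatever the template trusts.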

And the UI login test.

[Screenshot: test]

Happy Cloning!
