
Debian Edu Wheezy Roaming Workstation in Active Directory (recipe)



One easy thing to do when using sssd in our Roaming Workstation profile
in Wheezy, is to hook it up as an Active Directory client.  The recipe is
available from
<URL: https://fedorahosted.org/sssd/wiki/Configuring%20sssd%20to%20authenticate%20with%20a%20Windows%202008%20Domain%20Server >.

So I just added a small script to do automatic realm and AD server
detection, and convert a Debian Edu Wheezy Roaming Workstation.  To get
it working, you need:

 1) A network with an Active Directory domain controller.
 2) An AD user with enough privileges to register a new machine in AD.
 3) A computer capable of installing Debian Edu Wheezy Roaming Workstation.

The recipe is very simple.

1 - Install Debian Edu Wheezy Roaming Workstation
-------------------------------------------------

Hook up the machine to the AD network, and install the Roaming
Workstation profile.  This can be done using the netinst ISO burned to
CD or booting from a USB stick.

2 - Log in as root, run setup-ad-client
---------------------------------------

When the installation is done, log in as user root, and run the
following script:

  /usr/share/debian-edu-config/tools/setup-ad-client

It assumes that your AD user is Administrator, and will exit with an
error if you do not have the password for this user.  But fear not.  If
you want to use another user, run these commands as root after running
setup-ad-client:

  net ads join -U <your-preferred-user>
  service sssd restart

When this is done, the machine should be registered as an AD client
machine and any user in AD should be able to log in and get a local home
directory, just as it would work with a Roaming Workstation and a Debian
Edu server.

As this setup is very new, I am sure there are minor bugs and problems
with it.  It should not change the default setup, and only trigger when
an AD server is detected, but you never know. :) Please test and let us
know how it goes in your AD network. :)

-- 
Happy hacking
Petter Reinholdtsen
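
The message does not show how setup-ad-client detects the realm and AD server.  As an added example (not code from the post or from debian-edu-config), this sketch shows one common approach: reading the DNS SRV records that Active Directory publishes for its domain controllers, so you can see which server a client would pick before joining.  The function names, the example.test domain and the sample `host` output are all constructed for illustration.

```shell
#!/bin/sh
# Added example: find AD domain controllers from DNS SRV records.
# Assumption: the AD domain equals the DNS domain given to the client.

# The Kerberos realm is conventionally the DNS domain in upper case.
realm_from_domain() {
    printf '%s\n' "$1" | tr '[:lower:]' '[:upper:]'
}

# SRV record set that AD publishes for its domain controllers.
srv_name() {
    printf '_ldap._tcp.dc._msdcs.%s\n' "$1"
}

# Read `host -t SRV` output on stdin and print "target port" of the
# preferred record: lowest priority first, then highest weight (a
# deterministic simplification of RFC 2782 weighted selection).
# Lines that are not SRV answers (NXDOMAIN, timeouts) are ignored.
pick_dc() {
    awk '$2 == "has" && $3 == "SRV" && $4 == "record" {
             sub(/\.$/, "", $8); print $5, $6, $7, $8
         }' |
    sort -k1,1n -k2,2nr | awk 'NR == 1 { print $4, $3 }'
}

# Live lookup; needs the `host` tool and a reachable DNS server.
detect_ad() {
    dc=$(host -t SRV "$(srv_name "$1")" 2>/dev/null | pick_dc)
    if [ -z "$dc" ]; then
        echo "no AD domain controller found for $1" >&2
        return 1
    fi
    echo "realm=$(realm_from_domain "$1") dc=$dc"
}

# Constructed sample of `host -t SRV` output, so the parser runs offline.
SAMPLE='_ldap._tcp.dc._msdcs.intern.example.test has SRV record 10 100 389 dc2.intern.example.test.
_ldap._tcp.dc._msdcs.intern.example.test has SRV record 0 50 389 dc3.intern.example.test.
_ldap._tcp.dc._msdcs.intern.example.test has SRV record 0 100 389 dc1.intern.example.test.
Host _ldap._tcp.dc._msdcs.other.example.test not found: 3(NXDOMAIN)'

echo "realm: $(realm_from_domain intern.example.test)"
echo "preferred DC: $(printf '%s\n' "$SAMPLE" | pick_dc)"
```

Running `detect_ad <your-dns-domain>` on the workstation before the join shows the realm and the controller DNS would hand out, which is worth comparing with the server you expect before typing in the Administrator password.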

