There are several options for using MI Active Directory for authentication, authorization and management of Unix, Linux and Mac computers.
The first step is obtaining a delegated OU in MI. For more information, see MI Delegated OUs.
Once you have a delegated OU, you may use your OU administrative account to configure any of the following options.
There are also a variety of suggestions from the user community which may be valuable to you.
Options for Joining Linux Computers to MI
- A delegated OU is required.
- A computer object must be pre-created in your delegated OU for each computer you wish to join to the domain before attempting to do the join/bind.
- The netid.washington.edu DNS suffix/zone cannot be used (unless it is a UW-IT server).
Option 1: Linux native Winbind/krb5
We have no direct experience with this but do know that several campus departments have successfully utilized this technique. Many of the specifics are identical to the SSSD ones below.
Option 2: Linux native SSSD
Please reference the Red Hat whitepaper Integrating Red Hat Enterprise Linux 6 with Active Directory. See Section 6.3 “Configuration 3 – SSSD/Kerberos/LDAP”. The RHEL7 Windows Integration Guide also provides some advanced coverage and a version 7 update.