How I can setup CentOS to authenticate via Active Directory users


#1

Hello Friends…

I would like to know how I can setup CentOS 7 to authenticate via  Windows Active Directory users. 

After adding can we apply group polices on this users
can you suggest how I can track users entered commands history

Thanks in advance:slight_smile: :slight_smile:
Avinash Chiluveru


#2

@Avinash Try to follow these tutorials:

http://www.tecmint.com/join-centos-7-to-zentyal-pdc/


#3

thanks for your reply @aaronkili45
while trying to execute authconfig command, I’m getting below error

Job for winbind.service failed because the control process exited with error cod e. See “systemctl status winbind.service” and “journalctl -xe” for details


#4

What is the output of the commands below:


#5

● winbind.service - Samba Winbind Daemon
Loaded: loaded (/usr/lib/systemd/system/winbind.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2016-05-03 18:52:34 IST; 2s ago
Process: 8425 ExecStart=/usr/sbin/winbindd $WINBINDOPTIONS (code=exited, status=1/FAILURE)
Main PID: 8425 (code=exited, status=1/FAILURE)
Status: “Starting process…”

May 03 18:52:34 pennan114.local winbindd[8425]: [2016/05/03 18:52:34.016978, 0] …/source3/winbindd/winbindd_cache.c:3235(initialize_winb…_cache)
May 03 18:52:34 pennan114.local winbindd[8425]: initialize_winbindd_cache: clearing cache and re-creating with version number 2
May 03 18:52:34 pennan114.local winbindd[8425]: [2016/05/03 18:52:34.033613, 0] …/source3/winbindd/winbindd_util.c:736(init_domain_list)
May 03 18:52:34 pennan114.local winbindd[8425]: Could not fetch our SID - did we join?
May 03 18:52:34 pennan114.local winbindd[8425]: [2016/05/03 18:52:34.033743, 0] …/source3/winbindd/winbindd.c:1294(winbindd_register_handlers)
May 03 18:52:34 pennan114.local winbindd[8425]: unable to initialize domain list
May 03 18:52:34 pennan114.local systemd[1]: winbind.service: main process exited, code=exited, status=1/FAILURE
May 03 18:52:34 pennan114.local systemd[1]: Failed to start Samba Winbind Daemon.
May 03 18:52:34 pennan114.local systemd[1]: Unit winbind.service entered failed state.
May 03 18:52:34 pennan114.local systemd[1]: winbind.service failed.
Hint: Some lines were ellipsized, use -l to show in full.


#6

Try running this command:

sudo systemctl enable winbind.service

and then try running authconfig command.


#7

sorry I’m getting same error
but when am trying kinit command am able to authenticate to my A.D server


#8

thanks now I am able to login with AD user
but when am changing password from linux machine it’s not effecting in AD server


#9

@Avinash Am trying to figure out why this happening, [quote=“Avinash, post:8, topic:2846”]
but when am changing password from linux machine it’s not effecting in AD server
[/quote]

May be try also to look into other sources for solutions and we try to solve it.


#10

thanks now I am able to login with AD user
but when am changing password from linux machine it’s not effecting in AD server

Well, I think you need to read some docs first
You can’t change your AD user password from Linux so far I know.

You can login and use AD user/group with file permissions if extended attributes support is installed.

To change user password from Linux you have to use some external scripts which will trigger password change on the DC I suppose.