I recently answered a question on a forum regarding adding Fedora 19 to an Active Directory (AD) domain using realmd.
I have installed F19 stable from Netinstall CD using minimal install, no desktop. Make sure your network and DNS settings are working, obviously.
To successfully join a Windows 2008r2 AD domain using NTLMv2, I have done the following:
yum install realmd
realm discover –verbose example.com
That will tell you what software you need to install (samba-common doesn’t show up, but it will if you try to join a domain and it’s not installed).
yum install sssd oddjob oddjob-mkhomedir adcli samba-common
realm join –client-software=sssd example.com -U mydomainadmin
That should prompt for a password, and if successful, absolutely nothing will be displayed on STDOUT.
To test if you have successfully joined the domain, use
getent passwd EXAMPLE\\mydomainuser
and you should get a long passwd line.
Now, if you want to only allow certain users to log in, you can run the next two commands:
realm deny –all
realm permit mydomainuser@example.com
For more information about logins (including groups!), check out the man page for realm.
Bonus tip: If you are used to adding AD groups to the sudoers file, the format has changed slightly from RHEL / CentOS 6. Use the following for groups:
%domain\ admins@example.com ALL=(ALL) ALL