Cloud Computing Tutorials For Beginners Free: Linux-Active directory integration

Sunday, 3 July 2016

Linux-Active directory integration



Centrify (Linux login with AD)

1. Download the Centrify Linux client from http://www.centrify.com/express/linux-unix/download-files/#accordion-download-express-02 (For downloading use this command from Linux terminal
2. Extract the file (tar -xvf centrify-suite-2015.1-rhel4-x86_64.tgz2)
3. Run sh install-express.sh
4. Provide the correct AD domain name and valid credentials for the checks.
5. After installation, check the AD status with adinfo (if it shows CentrifyDC mode: disconnected, continue with the join in the next step)
6. Join the Active Directory domain (adjoin -w -u administrator domain.com)
-u: username used to authenticate to AD
7. Provide the administrator password.
8. Check adinfo (it should look like the output below)
[root@VM-RHEL7-TEST ~]# adinfo
Local host name:   vm-rhel7-test
Joined to domain:  domain.com
Joined as:         vm-rhel7-test.domain.com
Pre-win2K name:    vm-rhel7-test
Current DC:        vm-actived-prod.domain.com
Preferred site:    Default-First-Site-Name
Zone             :     Auto Zone
Last password set: 2015-12-02 02:40:22 MeST
CentrifyDC mode:   connected
Licensed Features: Disabled
9. To check an AD user name (getent passwd | grep "username")
10. To check an AD group (getent group | grep "group name")
11. Use adflush instead of gpupdate (adflush -f syncs with AD and updates)
adcheck - checks if all systems are a go to join a domain or to diagnose domain connectivity
adinfo - shows you what's up with the AD client
adjoin/adleave - joins, leaves AD domains

12. Restrict users with the SSH configuration (only cops, root and particular users can log in to the server)
13. Edit the /etc/centrifydc/ssh/sshd_config file and allow the particular group or user (vim /etc/centrifydc/ssh/sshd_config)
####Add the below lines in to /etc/centrifydc/ssh/sshd_config#####
AllowUsers username1 username2
AllowGroups group1 group2 root
14. Restart the SSH service ([root@VM-RHEL7-TEST ~]# /etc/init.d/centrify-sshd restart)
15. Allow cops and the particular group into the sudo group. Edit the sudoers file and add the lines below
 vim /etc/sudoers
##########Add the below lines in to /etc/sudoers ###########
For sysadmins: %sysadmin ALL=(ALL)       NOPASSWD: ALL (this allows the cops user to run sudo without being prompted for the user password)
For any other group: %groupname  ALL=(ALL)       ALL
For any user: username  ALL=(ALL)       ALL
Run any root-related work with sudo, e.g. sudo service sshd restart (copy any file through sftp to the home folder or /tmp)
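
How sshd evaluates the AllowUsers and AllowGroups lines from step 13, as an added example that is not part of the original post. It assumes Centrify's sshd follows stock OpenSSH, where an account must pass both lists when both are set; the sample config, the account names and the helper functions are constructed, and Match blocks, USER@HOST entries and negated patterns are not modelled.

```shell
#!/bin/sh
# Added example (not from the original post). Simplified model of how OpenSSH
# applies AllowUsers and AllowGroups: when both are set, a login must pass BOTH.

# Constructed config mirroring step 13; all names are placeholders.
SAMPLE_CONF='AllowUsers username1 username2
AllowGroups group1 group2 root'

# list_values KEYWORD CONFIG_TEXT: print every value given for KEYWORD.
# Repeated directives accumulate; commented-out lines do not match.
list_values() {
    printf '%s\n' "$2" | awk -v k="$1" '
        tolower($1) == tolower(k) { for (i = 2; i <= NF; i++) printf "%s ", $i }'
}

# matches NAME PATTERN...: succeed if NAME matches any pattern (* and ? globs).
matches() {
    name=$1; shift
    for pat in "$@"; do
        case $name in $pat) return 0 ;; esac
    done
    return 1
}

# ssh_allowed CONFIG_TEXT USER GROUP...: print "allow" or "deny".
# Runs in a subshell so that set -f (no filename expansion of patterns) stays local.
ssh_allowed() (
    set -f
    conf=$1; user=$2; shift 2
    users=$(list_values AllowUsers "$conf")
    groups=$(list_values AllowGroups "$conf")
    verdict=allow
    if [ -n "$users" ] && ! matches "$user" $users; then verdict=deny; fi
    if [ -n "$groups" ]; then
        hit=no
        for g in "$@"; do
            if matches "$g" $groups; then hit=yes; fi
        done
        if [ "$hit" != yes ]; then verdict=deny; fi
    fi
    echo "$verdict"
)

# root is listed in AllowGroups but not in AllowUsers, so it is refused.
echo "username1 (group1): $(ssh_allowed "$SAMPLE_CONF" username1 group1)"
echo "root (root):        $(ssh_allowed "$SAMPLE_CONF" root root)"
echo "username2 (users):  $(ssh_allowed "$SAMPLE_CONF" username2 users)"
```

Under this model, root is admitted only if it also appears in AllowUsers, or if AllowUsers is dropped and AllowGroups is used alone.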
