by[Matei Cezar][23]| Published: March 17, 2017 |Last Updated: March 17, 2017
Download Your Free eBooks NOW-[10 Free Linux eBooks for Administrators][24]|[4 Free Shell Scripting eBooks][25]
This guide will describe how you can integrateCentOS 7 DesktoptoSamba4 Active Directory Domain ControllerwithAuthconfig-gtkin order to authenticate users across your network infrastructure from a single centralized account database held bySamba.
#### Requirements
1. [Create an Active Directory Infrastructure with Samba4 on Ubuntu][1]
2. [CentOS 7.3 Installation Guide][2]
### Step 1: Configure CentOS Network for Samba4 AD DC
1.Before starting to joinCentOS 7 Desktopto aSamba4domain you need to assure that the network is properly setup to query domain via DNS service.
OpenNetwork Settingsandturn offthe Wired network interface if enabled. Hit on the lowerSettingsbutton as illustrated in the below screenshots and manually edit your network settings, especially theDNSIPs that points to yourSamba4 AD DC.
When you finish, Applythe configurations and turn on your Network Wired Card.
2.Next, open your network interface configuration file and add a line at the end of file with the name of your domain. This line assures that the domain counterpart is automatically appended by DNS resolution (FQDN) when you use only a short name for a domain DNS record.
```
$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eno16777736
3.Finally, restart the network services to reflect changes, verify if the resolver configuration file is correctly configured and issue a series ofpingcommands against your DCs short names and against your domain name in order to verify if DNS resolution is working.
7.Finally, install the graphical interface software used for domain integration provided by CentOS repos:Authconfig-gtk.
```
$ sudo yum install authconfig-gtk
```
### Step 3: Join CentOS 7 Desktop to Samba4 AD DC
8.The process of joining CentOS to a domain controller is very straightforward. From command line openAuthconfig-gtkprogram with root privileges and make the following changes as described below:
9.After you’ve added all required values, return toIdentity & Authenticationtab and hit onJoin Domainbutton andtheSavebutton from alert windowto save settings.
[
10.After the configuration has been saved you will be asked to provide a domain administrator account in order to join the domain. Supply the credentials for a domain administrator user and hit OK button to finally join the domain.
12.In order to verify if the system has been joined toSamba4 AD DCopen AD Users and Computersfrom a Windows machine with[RSAT tools installed][13]and navigate to your domain Computers container.
The name of your CentOS machine should be listed on the right plane.
[
][14]
Active Directory Users and Computers
### Step 4: Login to CentOS Desktop with a Samba4 AD DC Account
13.In order to login to CentOS Desktop hit onNot listed?link and add the username of a domain account preceded by the domain counterpart as illustrated below.
][18]
Authenticate Domain User Email
15.To add root privileges for a domain user or group, edit sudoers file using visudo command with root powers and add the following lines as illustrated on the below excerpt:
```
YOUR_DOMAIN\\domain_username ALL=(ALL:ALL) ALL #For domain users
%YOUR_DOMAIN\\your_domain\ group ALL=(ALL:ALL) ALL #For domain groups
```
[
][19]
Assign Permission to User and Group
16.To display a summary about the domain controller use the following command:
17.In order to verify if the trust machine account created when CentOS was added to the Samba4 AD DC is functional and list domain accounts from command line install Winbind client by issuing the below command:
```
$ sudo yum install samba-winbind-clients
```
Then issue a series of checks against Samba4 AD DC by executing the following commands:
```
$ wbinfo -p #Ping domain
$ wbinfo -t #Check trust relationship
$ wbinfo -u #List domain users
$ wbinfo -g #List domain groups
$ wbinfo -n domain_account #Get the SID of a domain account
```
[
][21]
Get Samba4 AD DC Details
18.In case you want to leave the domain issue the following command against your domain name by using an domain account with administrator privileges:
```
$ sudo net ads leave your_domain -U domain_admin_username
```
[
][22]
Leave Domain from Samba4 AD
That’s all! Although this procedure is focused on joiningCentOS 7to aSamba4 AD DC, the same steps described in this documentation are also valid for integrating a CentOS 7 Desktop machine to a Microsoft Windows Server 2008 or 2012 domain.
I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.
