Good afternoon folks.
I'm trying to join a RHEL 7 server to our campus active directory so that users on campus can log-in using their active directory credentials instead of having to use a local account password. (And it will create a home directory for them if one doesn't exist, etc., etc.)
So far I have successfully installed RHEL 7 in a VM, networked it, and have installed realmd, oddjob, oddjob-mkhomedir, sssd, adcli, and samba-common.
# realm discover ad.school.edu
correctly shows AD information for our campus.
I created the Active Directory object correctly that corresponds with the name of my server (using Active Directory Users and Computers).
I joined the active directory by doing:
# realm -join -U myaccount ad.school.edu
(asks for password)
Just returns a prompt -- which means it joined correctly.
# realm list
ad.school.edu
type: kerberos
realm-name: AD.SCHOOL.EDU
domain-name: ad.school.edu
configured: kerberos-member
server-software: active-directory
client-software: sssd
(lists required packages, that I listed above, that have been installed)
login-formats: %U@ad.school.edu
login-policy: allow-realm-logins
All that said, I cannot log into the machine using AD credentials.
Even if I try to login as "myaccount@ad.school.edu" my AD password is rejected.
I've searched through a bunch of Google results and have looked through gobs of man pages with no luck.
My desired end result is to not have to append "@ad.school.edu" to the login information, but first I need to make sure I can log-in one way or another using AD.
And funny that one has to craft their "realm"-related Google searches carefully or most of the results will be related to Game of Thrones.
If anyone has any suggestions, I'd most certainly appreciate them.
Thanks in advance!
Mike