The AD server must be set as the DNS server for the connection to AD to work correctly. If DHCP is running on your network, the administrator has, as a rule, already assigned the correct settings for your server. You can see the list of current DNS servers in the resolv.conf file:
cat /etc/resolv.conf
The IP address of the AD server should appear as a nameserver. If it does not, you can assign the nameserver manually. When using DHCP, you cannot modify resolv.conf directly, so you will need to follow a few simple steps.
Ubuntu 18.04
Let's install the resolvconf package:
sudo apt update
sudo apt install resolvconf
sudo systemctl enable resolvconf.service
You will then need to edit the /etc/resolvconf/resolv.conf.d/head file. Add the line:
nameserver <server_ip>
and start the service:
sudo systemctl start resolvconf.service
CentOS 7
The following lines should be added
PEERDNS=no
DNS1=<server_ip>
to the file /etc/sysconfig/network-scripts/ifcfg-*. Here you need to replace ifcfg-* with the name of your network interface and restart NetworkManager:
sudo systemctl restart NetworkManager
Check your resolv.conf again to make sure everything is correct:
cat /etc/resolv.conf
Check that the domain name resolves. Note: under CentOS 7, you may need to install the bind-utils package:
If there is no error, everything went fine. You can go to the domain controller and check whether our Linux server appears in the domain.
If the Active Directory server uses self-signed certificates, you need to edit the ldap.conf file. On Ubuntu it is stored in /etc/ldap/ldap.conf, on CentOS in /etc/openldap/ldap.conf. Add this parameter at the end of the file:
TLS_REQCERT never
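With TLS_REQCERT never the LDAP client does not request or check the server certificate at all, so it is worth being able to tell which hosts carry that setting. The script below is an added example, not part of the original guide: it reports the effective verification level of an ldap.conf, run here on two constructed sample files. The ad-ca.pem path is a placeholder, and it is assumed that the last occurrence of a keyword is the one that takes effect.

```shell
#!/bin/sh
# Added example: report whether an OpenLDAP client config still verifies the
# server certificate. Assumption: keywords are case-insensitive and the last
# occurrence of a keyword in the file is the one that takes effect.

# Print the effective value of keyword $2 in file $1 (empty if unset).
ldap_conf_get() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }                          # skip comment lines
        toupper($1) == toupper(key) { val = $2 }     # later lines override
        END { print val }
    ' "$1"
}

# Print one of three states for config file $1:
#   unverified      server certificate is not enforced (never/allow)
#   verified        verification is on and a CA file or directory is named
#   verified-no-ca  verification is on but this file names no CA
ldap_tls_audit() {
    reqcert=$(ldap_conf_get "$1" TLS_REQCERT | tr '[:upper:]' '[:lower:]')
    ca=$(ldap_conf_get "$1" TLS_CACERT)$(ldap_conf_get "$1" TLS_CACERTDIR)
    case "${reqcert:-demand}" in                     # unset means "demand"
        never|allow) echo "unverified" ;;
        *) if [ -n "$ca" ]; then echo "verified"; else echo "verified-no-ca"; fi ;;
    esac
}

# Write two constructed sample configs into directory $1.
make_samples() {
    # What the file looks like after the self-signed step above.
    printf '%s\n' '# constructed sample' \
        'TLS_CACERT /etc/ssl/certs/ca-certificates.crt' \
        'TLS_REQCERT never' > "$1/weak.conf"
    # Alternative: trust the AD CA explicitly (placeholder path), checks stay on.
    printf '%s\n' '# constructed sample' \
        'TLS_CACERT /etc/ssl/certs/ad-ca.pem' \
        'tls_reqcert demand' > "$1/pinned.conf"
}

tmp=$(mktemp -d)
make_samples "$tmp"
for f in weak pinned; do
    printf '%s: %s\n' "$f" "$(ldap_tls_audit "$tmp/$f.conf")"
done
rm -rf "$tmp"
```

The result covers only the file it is given: a per-user ldaprc file or the LDAPTLS_REQCERT environment variable can still override the system-wide ldap.conf.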
Installation check
For example, to get all users (you have to enter a password):