If you are looking for how to add Linux (CentOS) to a Microsoft domain controller (Active Directory), then this article is useful for you.
I was working on a highly secure big data infrastructure, where access to all services was configured by Ranger ACLs. The services interacted with Kafka, Hadoop, Hive, etc. It uses keytab files for authentication, and the basic requirement was that the client should be part of the domain controller.
So I created an Ansible role that will help you join a Linux machine to the domain.
You can install directly from the source on github by following these steps:
Clone the repository:
git clone https://github.com/rahulinux/ansible-domain-join
cd ansible-domain-join
Configuration and Usage
This project assumes you have a basic knowledge of how ansible works and have already prepared your hosts for configuration by ansible.
First, create your inventory file, playbook, and configuration for the client machines.
The ansible inventory file defines the hosts and what roles each host plays. The default location for an inventory file is /etc/ansible/hosts, but this file can be placed anywhere and used with the -i flag of ansible-playbook. An example inventory file would look like:
[mygroup]
## Configure 'ip' variable to bind kubernetes services on a
## different ip than the default iface
node1 ansible_ssh_host=188.8.131.52 # ip=10.3.0.1
node2 ansible_ssh_host=184.108.40.206 # ip=10.3.0.2
node3 ansible_ssh_host=220.127.116.11 # ip=10.3.0.3
node4 ansible_ssh_host=18.104.22.168 # ip=10.3.0.4
node5 ansible_ssh_host=22.214.171.124 # ip=10.3.0.5
node6 ansible_ssh_host=126.96.36.199 # ip=10.3.0.6
Note: For more information on ansible inventories please refer to the ansible documentation: http://docs.ansible.com/ansible/latest/intro_inventory.html
If you have SSH keys then you can simply configure following variable in
If you don’t have an SSH key and want to configure a username and password, you can pass them in the inventory itself, but this is not best practice.
192.168.122.1 ansible_ssh_user=rahul ansible_sudo_pass=p\@ssw1rd ansible_ssh_pass=p\@ssw1rd
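A check for the practice discouraged above, as an added example that is not part of the original article or the ansible-domain-join project: it scans an INI inventory for credential variables set to literal values. The variable list, the `find_inline_secrets` name, and every sample line other than the article's own host line are constructed for illustration.

```python
import re
import shlex

# Connection/privilege variables that hold a credential when set inline.
SECRET_VARS = {"ansible_ssh_pass", "ansible_password", "ansible_sudo_pass",
               "ansible_become_pass", "ansible_become_password"}
# A value that is only a Jinja2 reference (for example to a vaulted variable).
INDIRECT = re.compile(r"^\{\{.*\}\}$")

# Constructed sample; the 192.168.122.1 line is the one shown in the article.
SAMPLE = r"""
[mygroup]
node1 ansible_ssh_host=10.3.0.1   # key-based login, nothing inline
192.168.122.1 ansible_ssh_user=rahul ansible_sudo_pass=p\@ssw1rd ansible_ssh_pass=p\@ssw1rd
node2 ansible_ssh_user=rahul ansible_become_pass="{{ vault_become_pass }}"

[mygroup:vars]
ansible_password=ChangeIt
"""

def find_inline_secrets(inventory_text):
    """Return (line_no, owner, variable) per literal credential; values are never echoed."""
    findings, section = [], ""
    for line_no, raw in enumerate(inventory_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        if section.endswith(":children"):
            continue                      # child group names, no variables
        if section.endswith(":vars"):
            owner, pairs = f"[{section}]", [line]   # one key=value per line
        else:
            try:
                tokens = shlex.split(line, comments=True)
            except ValueError:            # unbalanced quote: plain whitespace split
                tokens = line.split()
            if not tokens:
                continue
            owner, pairs = tokens[0], tokens[1:]
        for pair in pairs:
            name, sep, value = pair.partition("=")
            value = value.strip().strip("'\"")
            if sep and name.strip() in SECRET_VARS and value and not INDIRECT.match(value):
                findings.append((line_no, owner, name.strip()))
    return findings

if __name__ == "__main__":
    for line_no, owner, var in find_inline_secrets(SAMPLE):
        print(f"line {line_no}: {owner} sets {var} to a literal value")
```

Run as a pre-commit or CI step, a non-empty result can fail the build before the inventory reaches version control.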
You need to provide the details required to join Linux to the domain, such as a domain user who has the right to add clients to the domain, the DNS servers, and the FQDN.
vars.yml at the root of the
---
- ad_server:
    ip: 172.31.61.1
    fqdn: etl-ad01.linuxian.local
    user: myaduser
    pass: 'ChangeIt'
    domain:
      - linuxian.local
      - ec2.internal
    dns:
      - 172.31.61.1
      - 172.31.0.2
You must have a playbook to pass to the ansible-playbook command when you deploy and configure client machines. There is a playbook at the root of the ansible-domain-join project called site.yaml; this playbook should work fine for most usages.
ansible-playbook -e @vars.yml site.yaml