Problems Joining Fedora 20 to Active Directory



  • I have a fully up-to-date Fedora 20 system (LXDE desktop) that I am attempting to join to the AD Domain. I am using the desktop "Authentication" tool to automate the use of Winbind to connect to AD. The join domain process appears to work, or at least not fail, but it does nothing and does not join.

    This is our only Fedora box and the first time that we are trying to join Linux to our AD infrastructure. So I might be getting a lot wrong.

    What should I be using for the Realm name? Anyone have any experience with using Winbind to join Linux to Windows AD?



  • With AD, first thing to always check is DNS. Is the Fedora server able to resolve the AD Domain name correctly?



  • @StrongBad said:

    With AD, first thing to always check is DNS. Is the Fedora server able to resolve the AD Domain name correctly?

    Yes, I definitely checked that. The Fedora system has two of the three AD servers (which also do DNS but not DHCP) as its top two choices in /etc/resolv.conf and an nslookup test of the domain name returns the three domain controllers. So that appears to be fine.



  • What about NTLM vs Kerberos - I know in the past this was an issue. You had to relax security on AD to allow older clients to connect.



  • @Dashrender should not need that. This is the "join AD" setting, not "Join NT 4." UNIX has been Kerberos since before Windows 2000. Microsoft did Kerberos to keep up, not to get ahead.



  • did you find the problem?



  • @Dashrender said:

    did you find the problem?

    Nope. Didn't get much time to work on it though.