{"id":3435,"date":"2024-06-21T12:58:26","date_gmt":"2024-06-21T17:58:26","guid":{"rendered":"https:\/\/microsoftgeek.com\/?p=3435"},"modified":"2024-06-21T13:00:34","modified_gmt":"2024-06-21T18:00:34","slug":"bash-script-to-join-a-linux-server-to-an-active-directory-domain","status":"publish","type":"post","link":"https:\/\/microsoftgeek.com\/?p=3435","title":{"rendered":"Bash script to join a Linux server to an Active Directory domain"},"content":{"rendered":"\n<p>Joining a Linux server to an Active Directory (AD) domain is a non-trivial task and requires a series of steps, which might vary based on the Linux distribution and the version of AD. In most common scenarios, you can use tools like <em>realmd <\/em>or <em>sssd <\/em>to facilitate the join.<\/p>\n\n\n\n<p>Below, you&#8217;ll find a basic script that uses <em>realmd <\/em>to join an Active Directory domain. This script assumes that you have the necessary packages and that your system is configured to resolve the AD DNS correctly.<\/p>\n\n\n\n<p><strong>IMPORTANT<\/strong>: Please consult your organization&#8217;s guidelines and documentation, and work with your system administrator, to ensure that you&#8217;re following the correct procedure for your specific environment. 
Also, ensure that you have all necessary permissions and that you understand the impact of these commands before executing them.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>#!\/bin\/bash\n\n# Check if the script is run as root\nif &#91; \"$EUID\" -ne 0 ]; then\n  echo \"Please run this script as root or with sudo\"\n  exit 1\nfi\n\n# Parameters - these should be customized for your environment\nDOMAIN=\"yourdomain.com\"\nUSER=\"your-admin-username\"\nPASSWORD=\"your-admin-password\"\n\n# Install required packages\necho \"Installing required packages...\"\napt-get update\napt-get install -y realmd sssd sssd-tools adcli samba-common-bin\n\n# Discover the realm\necho \"Discovering the realm...\"\nrealm discover \"$DOMAIN\"\n\n# Join the domain (realm reads the password from standard input)\necho \"Joining the domain...\"\nif ! echo \"$PASSWORD\" | realm join --user=\"$USER\" \"$DOMAIN\"; then\n  echo \"Domain join failed\"\n  exit 1\nfi\n\n# Enable login with AD credentials\necho \"Enabling login with AD credentials...\"\nauth-client-config -e -p nsswithsssd\n\n# Restarting services\necho \"Restarting services...\"\nsystemctl restart sssd\n\necho \"Server has been joined to the domain: $DOMAIN\"\n<\/code><\/pre>\n\n\n\n<p>This script is quite generic and may need customization based on your specific setup, including the necessary packages and configuration files for the Linux distribution and AD environment in use. It&#8217;s vital to thoroughly test the script in a non-production environment to understand its effects and ensure it meets your requirements.<\/p>\n\n\n\n<p>Always be cautious with passwords in scripts. If possible, you might want to avoid including them directly in the script, and instead use a more secure method of handling credentials. 
Consider utilizing a privileged account management solution, or prompt for the password at runtime instead of embedding it in the script.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Joining a Linux server to an Active Directory (AD) domain is a non-trivial task and requires a series of steps, which might vary based on the Linux distribution and the version of AD. In most common scenarios, you can use tools like realmd or sssd to facilitate the join. Below, you&#8217;ll find a basic script [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[42,13],"tags":[],"class_list":["post-3435","post","type-post","status-publish","format-standard","hentry","category-ad","category-linux"],"_links":{"self":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/3435","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3435"}],"version-history":[{"count":6,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/3435\/revisions"}],"predecessor-version":[{"id":3441,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/3435\/revisions\/3441"}],"wp:attachment":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3435"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3435"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_r
oute=%2Fwp%2Fv2%2Ftags&post=3435"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}