Tested on Debian 12 & 13 ( 13 in testing freeze at this time )
Tested using GDM3 & Light DM
Tested on a 192.x.x.x LAN using /etc/hosts only for name resolution to dc1
When done you can login as user@mydomain.com
INSTRUCTIONS:
terminal: # apt install -y realmd sssd sssd-tools libnss-sss libpam-sss krb5-user adcli samba-common-bin oddjob oddjob-mkhomedir
terminal: # pam-auth-update --enable mkhomedir
USE THESE 2 FILES FOR REFERENCE:
/etc/krb5.conf
[libdefaults]
default_realm = MYDOMAIN.COM
dns_lookup_kdc = true
dns_lookup_realm = false
udp_preference_limit = 0
[realms]
MYDOMAIN.COM = {
kdc = MYDOMAIN.COM
admin_server = MYDOMAIN.COM
}
[domain_realm]
.MYDOMAIN.COM = MYDOMAIN.COM
MYDOMAIN.COM = MYDOMAIN.COM
/etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.1.1 my-pc-hostname
192.168.0.227 dc1 dc1.mydomain.com mydomain.com
terminal: # realm join -U administrator mydomain.com
You will get a password prompt…
Now you can login( once you’ve created a user in the AD )