brandon/oam
1
0
Fork 0
mirror of https://gitea.com/mcereda/oam.git synced 2026-02-08 21:34:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: articles about active directory / ldap integration

Browse Source
This commit is contained in:
Michele Cereda
2023-08-04 00:02:43 +02:00
parent 08f2d7960e
commit 075e6064be
2 changed files with 87 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
knowledge base/realmd.md Normal file
View File

@@ -0,0 +1,62 @@
# Realmd
On-demand system DBus service allowing callers to configure network authentication and domain membership in a standard way.
Realmd discovers information about the domain or realm automatically, and configures [SSSD] or [Winbind] to manage the actual network authentication and user account lookups.
## Table of contents <!-- omit in toc -->
1. [TL;DR](#tldr)
1. [Further readings](#further-readings)
## TL;DR
```sh
# Scan for domains on the network.
realm discover
realm discover 'domain.example.com'
# Add the system to domains.
realm join 'ad.example.com'
realm join --user='admin' --computer-ou='OU=Special' 'domain.example.com'
# List joined domains.
realm list
realm list --all --name-only
# Remove the system from domains.
realm leave 'ad.example.com'
# Enable access to the system for users within configured domains.
realm permit --all
realm permit 'username'
realm permit 'DOMAIN\User2'
realm permit --withdraw 'user@example.com'
# Restrict access to the system for users within configured domain.
realm deny --all
realm deny 'username'
realm deny 'DOMAIN\User2'
```
## Further readings
- [Website]
- [SSSD]
- [Winbind]
- [Integrating Linux systems with Active Directory environments]
<!--
References
-->
<!-- Upstream -->
[website]: https://www.freedesktop.org/software/realmd/
<!-- Knowledge base -->
[sssd]: sssd.md
<!-- Others -->
[integrating linux systems with active directory environments]: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/windows_integration_guide/index
[winbind]: https://www.winbind.org/

25
knowledge base/sssd.md Normal file
View File

@@ -0,0 +1,25 @@
# SSSD
Acronym for System Security Services Daemon, the open source client for enterprise identity management.
Enrolls Linux hosts into an Active Directory, FreeIPA or LDAP domain using remote identities, policies and various authentication and authorization mechanisms to access it.
## Table of contents <!-- omit in toc -->
1. [Further readings](#further-readings)
## Further readings
- [Website]
- [Documentation]
<!--
References
-->
<!-- Upstream -->
[website]: https://sssd.io/
[documentation]: https://sssd.io/docs/introduction.html
<!-- Knowledge base -->
[realmd]: realmd.md